CNF Characterization of Sets over ℤ2n and Its Applications in Cryptography

In recent years, automatic search has been widely used to search differential characteristics and linear approximations with high probability/correlation in symmetric-key cryptanalyses. Among these methods, the automatic search with the Boolean satisfiability problem (SAT, in short) gradually become...

Full description

Saved in:
Bibliographic Details
Published inJournal of systems science and complexity Vol. 38; no. 4; pp. 1784 - 1802
Main Authors Hu, Xiaobo, Xu, Shengyuan, Tu, Yinzi, Feng, Xiutao, Zhang, Weihan
Format Journal Article
LanguageEnglish
Published Berlin/Heidelberg Springer Berlin Heidelberg 01.08.2025
Springer Nature B.V
Subjects
Algorithms
Approximation
Canonical forms
Complex Systems
Control
Cryptography
Mathematics
Mathematics and Statistics
Mathematics of Computing
Operations Research/Decision Theory
Search methods
Statistics
Systems Theory
Boolean satisfiability problem
Automatic cryptanalysis
full CNF characterization
Online AccessGet full text

Cover

More Information
Summary:In recent years, automatic search has been widely used to search differential characteristics and linear approximations with high probability/correlation in symmetric-key cryptanalyses. Among these methods, the automatic search with the Boolean satisfiability problem (SAT, in short) gradually becomes a powerful cryptanalysis tool. A key problem in the SAT-based automatic search method is how to fully characterize a set S ⊆ {0, 1} n with as few Conjunctive normal form (CNF, in short) clauses as possible, which is called a full CNF characterization (FCC, in short) problem. In this work, the authors establish a complete theory to solve a best solution of an FCC problem. Specifically, the authors start from plain sets, which can be characterized by exactly one clause. By exploring mergeable sets, the authors give a sufficient and necessary condition for characterizing a plain set. Based on the properties of plain sets, the authors further provide an algorithm of solving an FCC problem for a given set S , which can generate all the minimal plain closures of S and produce a best FCC theoretically. As application, the authors apply the proposed algorithm to many common S -boxes used in block ciphers to characterize their differential distribution tables and linear approximation tables and get their FCCs, all of which are the best-known results at present.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1009-6124
1559-7067
DOI:10.1007/s11424-024-3168-2