This paper presents a thorough analysis of the AEAD scheme NORX, focussing on differential and rotational properties. We first introduce mathematical models that describe differential propagation with respect to the non-linear operation of NORX. Afterwards, we adapt a framework previously proposed for ARX designs allowing us to automatise the search for differentials and characteristics. We give upper bounds on the differential probability for a small number of steps of the NORX core permutation. For example, in a scenario where an attacker can only modify the nonce during initialisation, we show that characteristics have probabilities of less than $2^{-60}$ (32-bit) and $2^{-53}$ (64-bit) after only one round. Furthermore, we describe how we found the best characteristics for four rounds, which have probabilities of $2^{-584}$ (32-bit) and $2^{-836}$ (64-bit), respectively. Finally, we discuss some rotational properties of the core permutation which yield some first, rough bounds and can be used as a basis for future studies.
CITATION STYLE
Aumasson, J. P., Jovanovic, P., & Neves, S. (2015). Analysis of NORX: Investigating differential and rotational properties. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8895, pp. 306–324). Springer Verlag. https://doi.org/10.1007/978-3-319-16295-9_17