Constraint Programming Models for Chosen Key Differential Cryptanalysis

Abstract : In this paper, we introduce Constraint Programming (CP) models to solve a cryptanalytic problem: the chosen key differential attack against the standard block cipher AES. The problem is solved in two steps: In Step 1, bytes are abstracted by binary values; In Step 2, byte values are searched. We introduce two CP models for Step 1: Model 1 is derived from AES rules in a straightforward way; Model 2 contains new constraints that remove invalid solutions filtered out in Step 2. We also introduce a CP model for Step 2. We evaluate scale-up properties of two classical CP solvers (Gecode and Choco) and a hybrid SAT/CP solver (Chuffed). We show that Model 2 is much more efficient than Model 1, and that Chuffed is faster than Choco which is faster than Gecode on the hardest instances of this problem. Furthermore, we prove that a solution claimed to be optimal in two recent cryptanalysis papers is not optimal by providing a better solution.
Complete list of metadatas

Cited literature [23 references]  Display  Hide  Download
Contributor : Christine Solnon <>
Submitted on : Monday, June 13, 2016 - 4:09:17 PM
Last modification on : Thursday, February 7, 2019 - 3:04:20 PM


Files produced by the author(s)


  • HAL Id : hal-01331222, version 1


David Gerault, Marine Minier, Christine Solnon. Constraint Programming Models for Chosen Key Differential Cryptanalysis. 22nd International Conference on Principles and Practice of Constraint Programming (CP 2016), Sep 2016, Toulouse, France. pp.584-601. ⟨hal-01331222⟩



Record views


Files downloads