International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

New Properties of the Double Boomerang Connectivity Table

Authors:
Qianqian Yang , State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Ling Song , College of Cyber Security, Jinan University, Guangzhou, China; National Joint Engineering Research Center of Network Security Detection and Protection Technology, Jinan University, Guangzhou, China
Siwei Sun , School of Cryptology, University of Chinese Academy of Sciences, Beijing, China; State Key Laboratory of Cryptology, P.O. Box 5159, Beijing 100878, China
Danping Shi , State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Lei Hu , State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Download:
DOI: 10.46586/tosc.v2022.i4.208-242
URL: https://tosc.iacr.org/index.php/ToSC/article/view/9977
Search ePrint
Search Google
Abstract: The double boomerang connectivity table (DBCT) is a new table proposed recently to capture the behavior of two consecutive S-boxes in boomerang attacks. In this paper, we observe an interesting property of DBCT of S-box that the ladder switch and the S-box switch happen in most cases for two continuous S-boxes, and for some S-boxes only S-box switch and ladder switch are possible. This property implies an additional criterion for S-boxes to resist the boomerang attacks and provides as well a new evaluation direction for an S-box. Using an extension of the DBCT, we verify that some boomerang distinguishers of TweAES and Deoxys are flawed. On the other hand, inspired by the property, we put forward a formula for estimating boomerang cluster probabilities. Furthermore, we introduce the first model to search for boomerang distinguishers with good cluster probabilities. Applying the model to CRAFT, we obtain 9-round and 10-round boomerang distinguishers with a higher probability than that of previous works.
BibTeX
@article{tosc-2022-32704,
  title={New Properties of the Double Boomerang Connectivity Table},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universität Bochum},
  volume={2022, Issue 4},
  pages={208-242},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/9977},
  doi={10.46586/tosc.v2022.i4.208-242},
  author={Qianqian Yang and Ling Song and Siwei Sun and Danping Shi and Lei Hu},
  year=2022
}