Logical Cryptanalysis as a SAT Problem

@article{Massacci2004LogicalCA,
  title={Logical Cryptanalysis as a SAT Problem},
  author={Fabio Massacci and Laura Marraro},
  journal={Journal of Automated Reasoning},
  year={2004},
  volume={24},
  pages={165-203}
}
Cryptographic algorithms play a key role in computer security and the formal analysis of their robustness is of utmost importance. Yet, logic and automated reasoning tools are seldom used in the analysis of a cipher, and thus one cannot often get the desired formal assurance that the cipher is free from unwanted properties that may weaken its strength. In this paper, we claim that one can feasibly encode the low-level properties of state-of-the-art cryptographic algorithms as SAT problems and…

Complete SAT based Cryptanalysis of RC5 Cipher

TLDR
This article presents a wide analysis and new experimental results of SAT-based, direct cryptanalysis of the RC5 cipher, that uses logical encoding and uses SAT-solvers for checking the satisfiability of the Boolean formulas.

Applications of SAT Solvers in Cryptanalysis: Finding Weak Keys and Preimages

TLDR
An efficient, generic and automated method for generating SAT instances encoding a wide range of cryptographic computations is introduced and this method can be used to automate the first step of algebraic attacks, i.e. the generation of a system of algebraic equations.

Extending SAT Solvers to Cryptographic Problems

TLDR
A new approach to solving cryptographic problems by adapting both the problem description and the solver synchronously instead of tweaking just one of them is presented, which was able to solve a well-researched stream cipher 26 times faster than was previously possible.

An efficient SAT-based algorithm for finding short cycles in cryptographic algorithms

  • E. Dubrova, M. Teslenko
  • Computer Science, Mathematics
    2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
  • 2018
TLDR
The presented algorithm can handle cryptographic algorithms with very large state spaces, including important ciphers such as Trivium and Grain-128, and is found to contain short cycles whose existence, to the best knowledge, was previously unknown.

Use of SAT Solvers in Cryptanalysis

TLDR
This work creates a modeling library that allows simple creation of SAT instances and creates models for several cryptographic hash functions, which are evaluated on various SAT solvers, optimizations and heuristics.

Satisfiability-based Framework for Enabling Side-channel Attacks on Cryptographic Software

TLDR
A new framework for performing side-channel attacks is proposed by formulating the analysis phase as a search problem that can be solved using modern Boolean analysis techniques such as satisfiability solvers, which can substantially enhance the scope of side-channel attacks.

On Finding Short Cycles in Cryptographic Algorithms

TLDR
It is shown how short cycles in the state space of a cryptographic algorithm can be used to mount a fault attack on its implementation which results in a full secret key recovery and shows these ciphers have short cycles whose existence, to the best knowledge, was previously unknown.

Logical Reasoning to Detect Weaknesses About SHA-1 and MD4/5

TLDR
The logical cryptanalysis principle is presented, a weakness based on the use of round constants to detect probabilistic relations as implications or equivalences between certain variables is presented and a practical framework to exploit these weaknesses through the inversions of reduced-step versions of MD4, MD5, SHA-0 and SHA-1 is presented.

Inverting Thanks to SAT Solving - An Application on Reduced-step MD*

TLDR
A principle is presented, based on a propositional modeling and solving, and details on logical inferences, simplifications, learning and pruning techniques used as a preprocessor with the aim of reducing the computational complexity of the SAT solving and hence weakening the associated cryptanalysis.

Proving Functional Equivalence of Two AES Implementations Using Bounded Model Checking

  • H. Post, C. Sinz
  • Computer Science, Mathematics
    2009 International Conference on Software Testing Verification and Validation
  • 2009
TLDR
This case study tackles the problem of proving the functional equivalence of two implementations of the AES crypto-algorithm using automatic bounded model checking techniques, and could semi-automatically prove equivalences of the first three rounds of the AES encryption routines.
...

References

SHOWING 1-10 OF 60 REFERENCES

A New Challenge for Automated Reasoning: Verification and Cryptanalysis of Cryptographic Algorithms

TLDR
This paper advocates that it is possible to use logic to encode the low-level properties of state-of-the-art cryptographic algorithms and then use automated theorem proving for reasoning about them and calls this approach logical cryptanalysis.

Using Walk-SAT and Rel-Sat for Cryptographic Key Search

TLDR
Two state-of-the-art AI search algorithms have been tested on the encoding of the Data Encryption Standard, to see whether they are up to the task, and what lesson can be learned from the analysis on this benchmark to improve SAT solvers is discussed.

The Inductive Approach to Verifying Cryptographic Protocols

Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state

A logic of authentication

TLDR
This paper shows how various protocols differ subtly with respect to the required initial assumptions of the participants and their final beliefs, and explains the formalism used, and gives examples of its application to protocols from the literature.

Is the data encryption standard a group

TLDR
Using a combination of software and special-purpose hardware, the cycling test is applied to the Data Encryption Standard and shows, with a high degree of confidence, that DES is not a group.

A Computing Procedure for Quantification Theory

TLDR
In the present paper, a uniform proof procedure for quantification theory is given which is feasible for use with some rather complicated formulas and which does not ordinarily lead to exponentiation.

Automated Analysis of Cryptographic Protocols Using Murφ

TLDR
The feasibility of the Murφ approach is illustrated by analyzing the Needham-Schroeder protocol, finding a known bug in a few seconds of computation time, and analyzing variants of Kerberos and the faulty TMN protocol used in another comparative study.

The First Experimental Cryptanalysis of the Data Encryption Standard

TLDR
An improved version of linear cryptanalysis is described and its application to the first, successful computer experiment in breaking the full 16-round DES with high success probability if 2^43 random plaintexts and their ciphertexts are available.

Automated analysis of cryptographic protocols using Murφ

TLDR
The efficiency of Murφ allows us to examine multiple terms of relatively short protocols, giving us the ability to detect replay attacks, or errors resulting from confusion between independent execution of a protocol by independent parties.

Programming Satan's Computer

TLDR
The task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment.
...