30th Fast Software Encryption Conference

March 25-29, 2024

Leuven, Belgium

Invited Talks

Maria Eichlseder

Title

Automating the Search for Cryptanalytic Attacks

Abstract

Finding efficient cryptanalytic attacks involves several complex steps, such as identifying a distinguisher and extending it to an efficient key recovery attack. In recent years, automated tools that solve some of these steps have become indispensable instruments for cryptanalysts and designers. Most of this work has focused on finding efficient distinguishers with the help of off-the-shelf solvers such as MILP and SAT solvers, but researchers have also developed dedicated tools to target other attack phases. In this talk, I will provide an introduction to automated tools for cryptanalysis, with a focus on recent efforts to jointly optimize all steps of the attack. I will also discuss some open problems and challenges for the research community.

Biography

Maria Eichlseder is assistant professor of Cryptography at Graz University of Technology. Her research interests include the design and cryptanalysis of symmetric cryptographic algorithms, such as hash functions and authenticated encryption algorithms and their underlying primitives. She co-designed Ascon, a lightweight authenticated cipher that was selected by NIST as the new standard for lightweight cryptography in 2023. She defended her Ph.D. sub auspiciis praesidentis in 2018 and visited Ruhr-Universität Bochum and Radboud University Nijmegen as a guest researcher. She has received several awards, including the Hedy Lamarr Award 2023.

Gaëtan Leurent

Title

Cryptanalysis Beyond Primitives

Abstract

Cryptography relies on both primitives and modes of operation to ensure security. Traditionally, the security of primitives is studied through cryptanalysis, while the security of modes of operation is assessed through security proofs. However, in this talk, we propose to explore cryptanalysis techniques beyond primitives to uncover potential vulnerabilities in modes of operation and protocols.

Generic attacks complement the results obtained with security proofs, and give a better understanding of the overall security. In some cases, advanced generic attacks show surprising results, such as key-recovery attacks with birthday complexity, attacks that get more efficient on more complex constructions, or devastating attacks in the quantum setting. We will also consider the practical impact of some cryptanalysis results, by leveraging weaknesses of primitives to break concrete protocols.

Biography

Gaëtan is a researcher at INRIA in Paris, working on the construction and analysis of symmetric cryptography algorithms. He has participated in several standardization competitions for symmetric primitives (SHA-3, CAESAR, NIST lightweight competition) and contributed to the analysis of widely used standards. He also applies cryptanalysis techniques beyond primitives, to analyze the security of modes of operation and to extend cryptanalysis results to practical settings. Several of his results have contributed to deprecating obsolete standards (MD5, 3DES, SHA-1, GEA).