Core Concepts
Algebraic structures, including binary bi-braces and nilpotent algebras of class two, enable alternative differential attacks on XOR-based block ciphers by providing a framework to understand the propagation of differences through the cipher's layers.
Abstract
The paper discusses the algebraic structures underlying alternative differential cryptanalysis, which exploits operations other than XOR to detect biases in the distribution of ciphertext differences.
The key insights are:
Binary bi-braces are a special family of skew braces that satisfy certain axioms, enabling the derivation of a set of differences whose interaction with every layer of an XOR-based alternating block cipher can be understood.
Binary bi-braces are shown to be equivalent to nilpotent algebras of class two, as well as to elementary abelian regular subgroups of the affine group that satisfy a dual normalization property.
The automorphism group of a binary bi-brace (or the corresponding nilpotent algebra) plays a crucial role in determining the feasibility of the alternative differential attack, as it characterizes the linear maps that respect both the XOR and the alternative operation.
The paper focuses on the case where the subspace R^2 (generated by all products x·y) has dimension 1, as this scenario is particularly relevant for cryptanalysis, allowing the prediction of the difference propagation through the key-addition layer with high probability.
The results provide a constructive characterization of the diffusion layers for which the alternative differential attack becomes feasible, which corresponds to understanding the automorphism group of the underlying algebraic structure.
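An added example, not code from the paper: a toy class-two nilpotent product on F_2^4 with dim R^2 = 1, showing that the ∘-difference after XOR key addition can only be Δ or Δ + e (e generating R^2), and testing which XOR-linear maps also respect the product. The block size, the concrete product and all function names are constructed for illustration.

```python
from collections import Counter
from itertools import product

N = 4            # toy block size in bits (constructed, not from the paper)
E = 0b1000       # generator e of the 1-dimensional subspace R^2
V = range(1 << N)

def dot(x, y):
    """Bilinear alternating product x·y; its image is {0, E}, so dim R^2 = 1.
    E has bits 0 and 1 clear, hence (x·y)·z = 0 (nilpotent of class two)."""
    bit = ((x & 1) & (y >> 1 & 1)) ^ ((x >> 1 & 1) & (y & 1))
    return E if bit else 0

def circ(x, y):
    """Alternative operation x∘y = x + y + x·y, with + being XOR."""
    return x ^ y ^ dot(x, y)

def is_elementary_abelian():
    """(V, ∘) is a commutative, associative group in which x∘x = 0."""
    return (all(circ(x, x) == 0 and circ(x, 0) == x for x in V)
            and all(circ(x, y) == circ(y, x) for x, y in product(V, V))
            and all(circ(circ(x, y), z) == circ(x, circ(y, z))
                    for x, y, z in product(V, V, V)))

def key_addition_differences(delta):
    """Distribution of the ∘-difference after XOR with every round key k."""
    out = Counter()
    for x, k in product(V, V):
        y = circ(x, delta)               # pair with input ∘-difference delta
        out[circ(x ^ k, y ^ k)] += 1     # equals delta ^ dot(delta, k)
    return dict(out)

def apply_linear(images, x):
    """Apply the XOR-linear map sending basis vector e_i to images[i]."""
    r = 0
    for i in range(N):
        if x >> i & 1:
            r ^= images[i]
    return r

def respects_product(images):
    """True if the linear map L also satisfies L(x·y) = L(x)·L(y),
    and therefore L(x∘y) = L(x)∘L(y)."""
    return all(apply_linear(images, dot(x, y))
               == dot(apply_linear(images, x), apply_linear(images, y))
               for x, y in product(V, V))
```

Over all 256 (x, k) pairs, an input difference of 1 leaves key addition as 1 for half the keys and as 1 + e for the other half, while a difference with zero product against every key (such as 4) passes unchanged.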