
Generating Graphs Packed With Paths

Philip Vejre (DTU, Akamai Technologies), Mathias Hall-Andersen (PLTC @ University of Copenhagen), FSE 2019


  1. Generating Graphs Packed With Paths. Philip Vejre (DTU, Akamai Technologies), Mathias Hall-Andersen (PLTC @ University of Copenhagen). FSE 2019.

  2. Overview: Motivation; Linear Cryptanalysis & Graphs; Subgraph Heuristics (for SPN); Plots & Results; Future Work

  3. Motivation

  4. Differential and Linear Distinguishers. [BS90]: $P_x[E_k(x) + \nabla = E_k(x + \Delta)]$. [Mat93]: $P_x[\langle \alpha, x \rangle = \langle \beta, E_k(x) \rangle]$

  7. Differential and Linear Distinguishers. In this presentation, focus on linear cryptanalysis (differential largely analogous). [MY92], [Mat93]: $P_x[\langle \alpha, x \rangle = \langle \beta, E_k(x) \rangle]$

  10. Iterated Ciphers and Trails. $E_k = E^{(r)}_{k_r} \circ \dots \circ E^{(2)}_{k_2} \circ E^{(1)}_{k_1}$; $U = (\alpha = u_0, \dots, u_r = \beta)$; $C^{k_i}_{(u_i, u_{i+1})}(i) = 2 \cdot P_{x \in \mathbb{F}^n}[\langle u_i, x \rangle = \langle u_{i+1}, E^{(i)}_{k_i}(x) \rangle] - 1$

  12. Hull. Correlation contribution for linear trail (footnote: under 'Markov cipher assumption'): $C^k_U = \prod_{i=0}^{r} C^{k_i}_{(u_i, u_{i+1})}(i)$. Hull: $C^k_{\alpha,\beta} = \sum_{U : (u_0, u_r) = (\alpha, \beta)} C^k_U$

  16. Hull; Expected Linear Potential. For key-alternating ciphers (key-addition in the field): $\forall k : (C^k_U)^2 = (C_U)^2 = \prod_{i=0}^{r} (C^k_{(u_i, u_{i+1})}(i))^2$ and $E[(C_{\alpha,\beta})^2] \approx \sum_{U \in \mathcal{U},\ (u_0, u_r) = (\alpha, \beta)} (C_U)^2$. Problem: Current methods usually linear in the number of trails

  17. Linear Cryptanalysis & Graphs

  18. Multistage Graph. [Figure: multistage graph with node labels $\alpha_i, u_i, v_i, \beta_i$ for $i = 0, \dots, 3$ and round functions $E^{(1)}_{k_1}, E^{(2)}_{k_2}, E^{(3)}_{k_3}$]

  19. Nodes and Parities. [Figure: the multistage graph] Nodes $\alpha \in \mathbb{F}^n$ represent parities $\alpha^*$ for linear cryptanalysis: $\alpha^* : v \mapsto \langle v, \alpha \rangle$

  20. Edges and Approximations. [Figure: the multistage graph] $l(u \to v) = (C^k_{(u,v)})^2$

  21. Paths and Trails. [Figure: the multistage graph] $l(v_0 \leadsto v_r) = \prod_{i=0}^{r-1} l(v_i \to v_{i+1})$

  22. Hulls as Sets of Paths. [Figure: the multistage graph] $w_{G_E}(\alpha \diamond \beta) = \sum l(\alpha \leadsto \beta) = \sum_{v} w_{G_E}(\alpha \diamond v) \cdot l(v \to \beta)$
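
The recursion on slide 22, as an added example (not taken from the slides or from the cryptagraph code): it computes the hull weight stage by stage and checks it against explicit enumeration of every trail, the approach the "Problem" on slide 16 refers to. Assumptions of this example: a toy key-alternating cipher whose round is a single PRESENT 4-bit S-box, so each stage has 16 vertices; all function names are this example's own.

```python
from itertools import product

# PRESENT 4-bit S-box, used as a one-S-box toy round (assumption of this example).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
N = 16  # number of masks (vertices) per stage

def parity(x):
    return bin(x).count("1") & 1

def edge_weights():
    """l(u -> v): squared correlation of <u, x> = <v, S(x)> for every mask pair."""
    l = [[0.0] * N for _ in range(N)]
    for u in range(N):
        for v in range(N):
            agree = sum(parity(u & x) == parity(v & SBOX[x]) for x in range(N))
            c = 2 * agree / N - 1
            l[u][v] = c * c
    return l

def hull_weight(l, alpha, beta, rounds):
    """w(alpha <> beta) via w(alpha <> b) = sum_v w(alpha <> v) * l(v -> b)."""
    w = [0.0] * N
    w[alpha] = 1.0
    for _ in range(rounds):
        w = [sum(w[v] * l[v][b] for v in range(N)) for b in range(N)]
    return w[beta]

def hull_weight_by_trails(l, alpha, beta, rounds):
    """Same quantity by enumerating every trail U = (alpha, u_1, ..., beta)."""
    total, trails = 0.0, 0
    for mid in product(range(N), repeat=rounds - 1):
        path = (alpha, *mid, beta)
        weight = 1.0
        for a, b in zip(path, path[1:]):
            weight *= l[a][b]
        if weight:  # count only trails with non-zero contribution
            total += weight
            trails += 1
    return total, trails
```

The stage-by-stage version costs a fixed number of edge visits per round, while the enumeration visits $16^{r-1}$ candidate trails per $(\alpha, \beta)$ pair.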

  26. Suitable Subgraphs. The full graph $G_E$ is too large (exponential in the block-size).

  27. Can we find suitable $\bar{G}_E \subset G_E$ that contains the good trails? I.e. $\max_{\alpha,\beta} w_{\bar{G}_E}(\alpha \diamond \beta)$ is large.

  28. Subgraph Heuristics (for SPN)

  32. Overall Method. 1. Pick disjoint 'families' of edges. 2. Prune the families using an 'approximate' graph. 3. Expand the families to a full graph. 4. Remove unneeded vertices & edges in the resulting graph.

  33. Pruning. Strip: $l(v \to u) = 0$

  34. Pruning. Prune

  38. S-Box Patterns / Families of edges. Example: 16-bit SPN, with four identical 4-bit S-Boxes. $C^2(0x3, 0xd) = 2^{-2}$, $C^2(0x7, 0x4) = 2^{-2}$. $p = (1, 2^{-2}, 1, 2^{-2})$. $\mathrm{Ex}(p) = \{(0x0303, 0x0d0d), (0x0307, 0x0d04), (0x0703, 0x040d), (0x0707, 0x0404)\}$

  39. S-Box Patterns / Families of edges. $\mathrm{Ex}(p) = \{(0x0303, 0x0d0d), (0x0307, 0x0d04), (0x0703, 0x040d), (0x0707, 0x0404)\}$; $\mathrm{Ex}_{in}(p) = \{0x0303, 0x0307, 0x0703, 0x0707\}$; $\mathrm{Ex}_{out}(p) = \{0x0d0d, 0x0d04, 0x040d, 0x0404\}$

  40. Graph Defined By S-Box Pattern Set. Given a set of S-Box patterns $\mathcal{P}$, the graph defined by $\mathcal{P}$: $E = \mathrm{Ex}(\mathcal{P}) = \bigcup_{p \in \mathcal{P}} \mathrm{Ex}(p)$, $V = \mathrm{Ex}_{in}(\mathcal{P}) \cup \mathrm{Ex}_{out}(\mathcal{P})$

  42. Graph Defined By S-Box Pattern Set. Let $\mathcal{P}$ be a set of S-Box patterns defining our subgraph. For intermediate stages: $v \notin \mathrm{Ex}_{in}(\mathcal{P}) \cap \mathrm{Ex}_{out}(\mathcal{P}) \implies v$ is pruned
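
The pattern expansion of slides 38 to 40 and the intermediate-stage pruning rule of slide 42, as an added example (not taken from the slides or from the cryptagraph code). It models only the S-box layer shown in the slide's example; the two $2^{-2}$ approximations come from slide 38, while the $2^{-4}$ approximation `(0xD, 0x3)` and all function names are constructed for this illustration.

```python
from itertools import product

# Squared correlation -> S-box approximations (input mask, output mask).
# The 2^-2 entries are the slide's; (0x0, 0x0) is the inactive S-box.
SLIDE_APPROX = {1.0: [(0x0, 0x0)], 2 ** -2: [(0x3, 0xD), (0x7, 0x4)]}
# Constructed extra approximation (hypothetical) so that some vertices chain.
DEMO_APPROX = {**SLIDE_APPROX, 2 ** -4: [(0xD, 0x3)]}

def expand(pattern, approx):
    """Ex(p): all edges (u, v) whose per-S-box approximations match p."""
    edges = set()
    for choice in product(*(approx[c2] for c2 in pattern)):
        u = v = 0
        for a, b in choice:  # first pattern entry is the top nibble
            u, v = (u << 4) | a, (v << 4) | b
        edges.add((u, v))
    return edges

def graph(patterns, approx):
    """E = Ex(P), the union of Ex(p), plus Ex_in(P) and Ex_out(P)."""
    edges = set().union(*(expand(p, approx) for p in patterns))
    return edges, {u for u, _ in edges}, {v for _, v in edges}

def prune_intermediate(patterns, approx):
    """Drop edges touching a vertex outside Ex_in(P) & Ex_out(P)."""
    edges, ex_in, ex_out = graph(patterns, approx)
    alive = ex_in & ex_out
    return {(u, v) for u, v in edges if u in alive and v in alive}

def live_patterns(patterns, approx):
    """Patterns that still contribute an edge after pruning."""
    kept = prune_intermediate(patterns, approx)
    return [p for p in patterns if expand(p, approx) & kept]
```

With the slide's pattern alone, $\mathrm{Ex}_{in}$ and $\mathrm{Ex}_{out}$ are disjoint, so every intermediate vertex is pruned; a pattern set survives only when outputs of some patterns are inputs of others.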

  45. Graph Compression. Problem: $\mathrm{Ex}(\mathcal{P})$ too large to store explicitly ($|\mathrm{Ex}(\mathcal{P})| \gg |\mathcal{P}|$). Idea: Can we prune $\mathcal{P}$ before expanding? Generate an approximation of $\bar{G}_E = \mathrm{Ex}(\mathcal{P})$ by applying a compression function $g_j : \mathbb{F}^n \to \mathbb{F}^{n/j}$ to every vertex: $u \to v \in \bar{G}_E \implies \hat{g}_j(u) \to \hat{g}_j(v) \in \hat{g}_j(\bar{G}_E)$

  46. Graph Compression. Iteratively refine the compression:
      1. Generate a set of patterns $\mathcal{P}$.
      2. Pick a $j > 1$ such that $j$ is a power of two:
         2.1 Generate the graph $\hat{g}_j(\bar{G}_E)$ from $\mathcal{P}$ and prune.
         2.2 Remove dead patterns from $\mathcal{P}$ according to $\hat{g}_j(\bar{G}_E)$.
         2.3 If $j = 2$ then stop. Otherwise set $j = j/2$ and repeat.

  47. Vertex Anchoring. [Figure: S-boxes $S_0, \dots, S_7$]

  48. Vertex Anchoring. Pruned middle rounds. [Figure: S-boxes $S_0, \dots, S_7$]

  50. Plots & Results

  51. https://gitlab.com/psve/cryptagraph

  52. Plots of subgraphs (for small parameters)

  53. PRESENT [BKL+07]

  54. GIFT [BPP+17]
