The first step In Algebraic-attack is expressing the cipher operations as a system of equations. Is there an automated tool to do this?
Asked
Active
Viewed 362 times
2 Answers
6
Theoretically, the equations could be derived from the representation of the cipher in a hardware description language like VHDL or Verilog; you implement the cipher as if you want to make a FPGA/ASIC which runs it, but you stop at the symbolic representation of the logic gates (the "netlist"). However, I am not aware of any existing conversion tool which will transform a netlist into a sequence of equations in the right format for whatever equation solver you want to use for performing the attack.
Thomas Pornin
- 88,324
- 16
- 246
- 315
0
Yes, there is an automated tool exists for stream ciphers, and is easily configurable for new ones: https://github.com/msoos/grainofsalt by Mate Soos (great guy, creator of CryptoMiniSAT)
Otherwise, manually but software assisted, people use often Sage for this using this function: https://doc.sagemath.org/html/en/reference/cryptography/sage/crypto/boolean_function.html#sage.crypto.boolean_function.BooleanFunction.algebraic_normal_form and then ANF2CNF by Sage author Martin Albrecht: https://doc.sagemath.org/html/en/reference/sat/sage/sat/converters/polybori.html
CryptoMiniSat (and many other SAT Solvers) "eat" CNF as input.
Phil L.
- 101