A new automatic framework for searching rotational-XOR differential characteristics in ARX ciphers

In this paper, a security evaluation framework for ARX ciphers, using modular addition as non-linear component, against rotational-XOR differential cryptanalysis is proposed. We first model all the possible propagations for rotational-XOR difference and rotational-XOR differential probability by some conjunctive normal form clauses. Then, acceleration techniques of automatic search are presented to derive better results and improve the efficiency. Our framework is successfully applied to SPECK, and we have identified rotational-XOR differential characteristics that cover more rounds than those previously reported. In particular, we present 17-round, 17-round and 24-round rotational-XOR differential characteristics for SPECK64/128, SPECK96/144 and SPECK128/256, whereas the previously longest characteristics cover 13, 13 and 13 rounds, respectively. For CHAM64/128, a 16-round characteristic with higher probability is proposed, while 17-round and 18-round rotational-XOR differential characteristics are provided for the first time. Furthermore, we apply rotational-XOR cryptanalysis on SPARX and Ballet for the first time, obtaining a 15-round rotational-XOR characteristic for SPARX64/128 and a 9-round characteristic for Ballet128/256.