Automatic Demirci-Selcuk Meet-in-the-Middle Attack on SKINNY with Key-Bridging

Demirci-Selcuk meet-in-the-middle (DS - MITM) attack is an effective and generic method for analyzing iterative block ciphers. It reaches the best results on attacking AES in the single-key model. In ASIACRYPT 2018, a tool for finding VS - MITM attack automatically based on general constraint programming was put forward, which can not only enumerate VS - MITM distinguishers, but also partly automate the key-recovery process. However, the constraint programming models generated by this tool do not consider the key-bridging technique, which has been shown to be effective in reducing the complexities of many cryptanalytic attacks. In this work, we build a general constraint model for SKINNY-128-384 (the same target as the ASIACRYPT 2018 paper) integrated with the key-bridging technique. As a result, the time complexity of the key recovery attack on SKINNY-128-384 is significantly reduced from 2(382)(.)(46) to 2(366)(.)(28).