Katholieke Universiteit Leuven
An increasing number of cryptographic primitives are built using the ARX operations: addition modulo 2n, bit rotation and XOR. Because of their very fast performance in software, ARX ciphers are becoming increasingly common. However, there is currently no rigorous understanding of the security of ARX ciphers against one of the most common attacks in symmetric-key cryptography: differential cryptanalysis. In this paper, the authors introduce a tool to search for optimal differential characteristics for ARX ciphers.