IMDEA Software


Anais Querol

Tuesday, October 9, 2018

10:45am Meeting room 302 (Mountain View), level 3

Anais Querol, PhD Student, IMDEA Software Institute

Conditional Differential Cryptanalysis of the ARX Symmetric Primitive Salsa20

Abstract:

Symmetric key cryptography is an essential part of communication systems, where a secret key is used to protect data confidentiality. Surprisingly, the only way of trusting these ciphers is to perform continuous analysis that updates the security margin. With the advent of quantum computers in the arguably near future, the security of today's ciphers has been put into question. While most currently used asymmetric primitives would be completely broken, doubling the key size of symmetric constructions provides the same level of security with respect to exhaustive key search. However, we still have a long way to go in the field of quantum cryptography, and further cryptanalysis must be carried out to reassure the validity of these emerging ciphers. We have studied the Salsa20 family of ciphers, which has received very little cryptanalysis ever since the most relevant result one decade ago, despite the inclusion of this cipher suite in TLS 1.3. During this talk, I will explain a new attack on 8 rounds of Salsa using conditional differential cryptanalysis, which comprises the main result of my Master's internship. This work has taken place at Inria Paris in the context of the ERC project QUASYModo under the supervision of the researcher María Naya Plasencia.