This website contains a collection of tools related to cryptography. See the overview page for a list of all tools. The about page contains more information on this initiative, and instructions for submitting your own tool. Recently added tools are listed below.
A tool for information set decoding
This library, written in C++, is reasonably efficient at finding low weight codewords of a linear code using information set decoding.
Toolkit for the differential cryptanalysis of S-functions
Note: v2 fixes a bug in the probability calculation. This bug does not affect the matrices that are output by the program.
An increasing number of cryptographic primitives use operations such as addition modulo 2^n, multiplication by a constant and bitwise Boolean functions as a source of non-linearity. In NIST’s SHA-3 competition, this applies to 6 out of the 14 second-round candidates. We generalize such constructions by introducing the concept of S-functions. An S-function is a function that calculates the i-th output bit using only the inputs of the i-th bit position and a finite state S[i]. Although S-functions have been analyzed before, our toolkit is the first to present a fully general and efficient framework to determine their differential properties. A precursor of this framework was used in the cryptanalysis of SHA-1. We show how to calculate the probability that given input differences lead to given output differences, as well as how to count the number of output differences with non-zero probability. Our methods are rooted in graph theory, and the calculations can be efficiently performed using matrix multiplications. The toolkit also provides a general algorithm to efficiently list the output differences with the highest probability, for a given type of difference and operation.
A set of documented C++ classes to help analyze Keccak-f
KeccakTools is a set of C++ classes aimed at helping analyze the sponge function family Keccak. Version 3.0 has now been released.
Toolkit for SAT-based attacks on cryptographic primitives
CryptLogVer is a toolkit that can be used to mount SAT-based attacks on cryptographic primitives (block ciphers, stream ciphers, hash functions). The main advantage of CryptLogVer is that it greatly simplifies the creation of a CNF formula from a given crypto primitive. CNF formulas encoding crypto primitives are usually very challenging for a SAT solver. Therefore, CryptLogVer could also be helpful to the SAT community by providing hard CNF instances.
A tool to compute linear hulls for PRESENT
This tool computes linear hulls for the original PRESENT cipher. It confirms and even improves on the predicted bias (and the corresponding attack complexities) of conventional linear relations based on a single linear trail.
A simple tool for the automatic algebraic cryptanalysis of a large array of stream- and block ciphers
A simple tool for the automatic algebraic cryptanalysis of a large array of stream- and block ciphers. Three tests have been implemented and the best results have led to continued work on a computational cluster. Our best results show nonrandomness in Trivium up to 1070 rounds (out of 1152), and in the full Grain-128 with 256 rounds.
Deterministic Differential Properties of the BMW Compression Function
This tool can be used to demonstrate non-randomness in the Blue Midnight Wish compression function. The implementation of the compression function is taken from the submission to the second round by the design team.
A Fully Symbolic Polynomial System Generator for AES-128
SYMAES is a software tool that generates a system of polynomials in GF(2), corresponding to the round transformation and key schedule of the block cipher AES-128. Test vectors were added in v1.1.
Tools for the algebraic cryptanalysis of cryptographic primitives
Algebraic cryptanalysis of cryptographic primitives such as block ciphers, stream ciphers and hash functions usually proceeds in two steps. (A) The algorithm is expressed as a system of multivariate equations F over some field (usually F_2). (B) The system F is solved using some technique such as Gröbner basis algorithms, SAT solvers or mixed integer programming solvers. We provide scripts and tools for the mathematics software Sage to construct polynomial systems of equations for various block ciphers and conversion routines from algebraic normal form (ANF) to conjunctive normal form (CNF) and mixed integer programmes.