S-box MILP toolkit

Toolkit for Counting Active S-boxes using Mixed-Integer Linear Programming (MILP)

This toolkit can be used to prove the security of cryptographic ciphers against linear and differential cryptanalysis. The toolkit generates a Mixed-Integer Linear Programming (MILP) problem which counts the minimum number of (linearly or differentially) active S-boxes for a given cipher. Currently, AES and xAES are implemented (both in the single-key and related-key setting), as well as Enocoro-128v2 (in the related-key setting). The technique is very general, and can be adapted to other ciphers with little effort.

This entry was posted in Tools. Bookmark the permalink.

Comments are closed.