Open AccessRotational analysis of ChaCha permutation
Author(s) -
Stefano Barbero,
Emanuele Bellini,
Rusydi H. Makarim
Publication year - 2023
Publication title -
advances in mathematics of communications
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.601
H-Index - 26
eISSN - 1930-5346
pISSN - 1930-5338
DOI - 10.3934/amc.2021057
Subject(s) - mathematics , permutation (music) , random permutation , combinatorics , block cipher , stream cipher , cryptanalysis , upper and lower bounds , point (geometry) , discrete mathematics , cryptography , block (permutation group theory) , algorithm , geometry , mathematical analysis , physics , acoustics
We show that the underlying permutation of ChaCha20 stream cipher does not behave as a random permutation for up to 17 rounds with respect to rotational cryptanalysis. In particular, we derive a lower and an upper bound for the rotational probability through ChaCha quarter round, we show how to extend the bound to a full round and then to the full permutation. The obtained bounds show that the probability to find what we call a parallel rotational collision is, for example, less than \begin{document}$ 2^{-505} $\end{document} for 17 rounds of ChaCha permutation, while for a random permutation of the same input size, this probability is \begin{document}$ 2^{-511} $\end{document} . We remark that our distinguisher is not an attack against the ChaCha20 stream cipher, but rather a theoretical analysis of its internal permutation from the point of view of rotational cryptanalysis. Whenever possible, our claims are supported by experiments.