{"id":"https://openalex.org/W4411144130","doi":"https://doi.org/10.1109/tit.2025.3577784","title":"Chasing Shadows: Advancements in Differential-Linear Cryptanalysis for ChaCha","display_name":"Chasing Shadows: Advancements in Differential-Linear Cryptanalysis for ChaCha","publication_year":2025,"publication_date":"2025-06-09","ids":{"openalex":"https://openalex.org/W4411144130","doi":"https://doi.org/10.1109/tit.2025.3577784"},"language":"en","primary_location":{"id":"doi:10.1109/tit.2025.3577784","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tit.2025.3577784","pdf_url":null,"source":{"id":"https://openalex.org/S4502562","display_name":"IEEE Transactions on Information Theory","issn_l":"0018-9448","issn":["0018-9448","1557-9654"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Theory","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Soumya Sahoo","orcid":"https://orcid.org/0009-0002-0154-7924"},"institutions":[{"id":"https://openalex.org/I24676775","display_name":"Indian Institute of Technology Madras","ror":"https://ror.org/03v0r5n49","country_code":"IN","type":"facility","lineage":["https://openalex.org/I24676775"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Soumya Sahoo","raw_affiliation_strings":["Department of Mathematics, Indian Institute of Technology Madras, Chennai, Tamil Nadu, India"],"raw_orcid":"https://orcid.org/0009-0002-0154-7924","affiliations":[{"raw_affiliation_string":"Department of Mathematics, Indian Institute of Technology Madras, Chennai, Tamil Nadu, India","institution_ids":["https://openalex.org/I24676775"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5046891732","display_name":"D. Chakraborty","orcid":"https://orcid.org/0000-0001-7240-5304"},"institutions":[{"id":"https://openalex.org/I4092182","display_name":"Graz University of Technology","ror":"https://ror.org/00d7xrm67","country_code":"AT","type":"education","lineage":["https://openalex.org/I4092182"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Debasmita Chakraborty","raw_affiliation_strings":["Institute of Information Security, Graz University of Technology, Graz, Austria","Graz University of Technology, Graz, Austria"],"raw_orcid":"https://orcid.org/0000-0001-7240-5304","affiliations":[{"raw_affiliation_string":"Institute of Information Security, Graz University of Technology, Graz, Austria","institution_ids":["https://openalex.org/I4092182"]},{"raw_affiliation_string":"Graz University of Technology, Graz, Austria","institution_ids":["https://openalex.org/I4092182"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058432784","display_name":"Santanu Sarkar","orcid":"https://orcid.org/0000-0001-6821-920X"},"institutions":[{"id":"https://openalex.org/I24676775","display_name":"Indian Institute of Technology Madras","ror":"https://ror.org/03v0r5n49","country_code":"IN","type":"facility","lineage":["https://openalex.org/I24676775"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Santanu Sarkar","raw_affiliation_strings":["Department of Mathematics, Indian Institute of Technology Madras, Chennai, Tamil Nadu, India"],"raw_orcid":"https://orcid.org/0000-0001-6821-920X","affiliations":[{"raw_affiliation_string":"Department of Mathematics, Indian Institute of Technology Madras, Chennai, Tamil Nadu, India","institution_ids":["https://openalex.org/I24676775"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I24676775"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.05997708,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"71","issue":"8","first_page":"6451","last_page":"6469"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9939000010490417,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9916999936103821,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/linear-cryptanalysis","display_name":"Linear cryptanalysis","score":0.8018378019332886},{"id":"https://openalex.org/keywords/impossible-differential-cryptanalysis","display_name":"Impossible differential cryptanalysis","score":0.7263078689575195},{"id":"https://openalex.org/keywords/differential-cryptanalysis","display_name":"Differential cryptanalysis","score":0.6130899786949158},{"id":"https://openalex.org/keywords/cryptanalysis","display_name":"Cryptanalysis","score":0.6054031252861023},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5475736856460571},{"id":"https://openalex.org/keywords/differential","display_name":"Differential (mechanical device)","score":0.4548138380050659},{"id":"https://openalex.org/keywords/higher-order-differential-cryptanalysis","display_name":"Higher-order differential cryptanalysis","score":0.4534705579280853},{"id":"https://openalex.org/keywords/block-cipher","display_name":"Block cipher","score":0.4396742880344391},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.3683779835700989},{"id":"https://openalex.org/keywords/algorithm","display_name":"Algorithm","score":0.3436684012413025},{"id":"https://openalex.org/keywords/physics","display_name":"Physics","score":0.12306186556816101}],"concepts":[{"id":"https://openalex.org/C82424418","wikidata":"https://www.wikidata.org/wiki/Q1826463","display_name":"Linear cryptanalysis","level":4,"score":0.8018378019332886},{"id":"https://openalex.org/C120488936","wikidata":"https://www.wikidata.org/wiki/Q3005748","display_name":"Impossible differential cryptanalysis","level":5,"score":0.7263078689575195},{"id":"https://openalex.org/C36123800","wikidata":"https://www.wikidata.org/wiki/Q1224471","display_name":"Differential cryptanalysis","level":4,"score":0.6130899786949158},{"id":"https://openalex.org/C181149355","wikidata":"https://www.wikidata.org/wiki/Q897511","display_name":"Cryptanalysis","level":3,"score":0.6054031252861023},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5475736856460571},{"id":"https://openalex.org/C93226319","wikidata":"https://www.wikidata.org/wiki/Q193137","display_name":"Differential (mechanical device)","level":2,"score":0.4548138380050659},{"id":"https://openalex.org/C151607707","wikidata":"https://www.wikidata.org/wiki/Q11673206","display_name":"Higher-order differential cryptanalysis","level":5,"score":0.4534705579280853},{"id":"https://openalex.org/C106544461","wikidata":"https://www.wikidata.org/wiki/Q543151","display_name":"Block cipher","level":3,"score":0.4396742880344391},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.3683779835700989},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.3436684012413025},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.12306186556816101},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tit.2025.3577784","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tit.2025.3577784","pdf_url":null,"source":{"id":"https://openalex.org/S4502562","display_name":"IEEE Transactions on Information Theory","issn_l":"0018-9448","issn":["0018-9448","1557-9654"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Theory","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W5758508","https://openalex.org/W1504341594","https://openalex.org/W1523702841","https://openalex.org/W1577801461","https://openalex.org/W2030944258","https://openalex.org/W2161517294","https://openalex.org/W2336016133","https://openalex.org/W2529842300","https://openalex.org/W2615105912","https://openalex.org/W3007085939","https://openalex.org/W3037810589","https://openalex.org/W3158476145","https://openalex.org/W3202606210","https://openalex.org/W4249246802","https://openalex.org/W4285161459","https://openalex.org/W4312800732","https://openalex.org/W4324139508","https://openalex.org/W4366957222","https://openalex.org/W4367596947","https://openalex.org/W4381429484","https://openalex.org/W4385654414","https://openalex.org/W4396566815","https://openalex.org/W4399805194","https://openalex.org/W6689963238"],"related_works":["https://openalex.org/W2557174342","https://openalex.org/W4230315357","https://openalex.org/W57168481","https://openalex.org/W2560473362","https://openalex.org/W1410349837","https://openalex.org/W1598870173","https://openalex.org/W2593607592","https://openalex.org/W2950215720","https://openalex.org/W4410253290","https://openalex.org/W2786560893"],"abstract_inverted_index":{"The":[0,26,94],"ChaCha":[1,29,115,140,366],"cipher":[2],"holds":[3],"significance":[4],"due":[5,143],"to":[6,144,182,190,227],"its":[7],"widespread":[8],"use":[9],"in":[10,16,104,157,170,195,236,248,264],"real-world":[11],"applications,":[12],"which":[13,34,85],"is":[14],"crucial":[15],"ensuring":[17],"secure":[18],"communication":[19],"protocols":[20],"such":[21],"as":[22,379],"TLS":[23],"and":[24,131,274,339,371,376,383],"SSH.":[25],"cryptanalysis":[27],"of":[28,38,57,125,152,173,239,270,278,295,329,335,343,365],"involves":[30],"a":[31,44,79,113,149,187,222,245,311,332,340],"differential-linear":[32,58,80],"attack":[33,109,217,358],"exploits":[35],"the":[36,55,92,100,123,153,171,177,196,215,229,253,268,276,293,302,368],"idea":[37],"Probabilistic":[39],"Neutral":[40],"Bits":[41],"(PNBs).":[42],"For":[43,252],"long":[45],"period,":[46],"researchers":[47],"predominantly":[48],"focused":[49],"on":[50,64,139,359],"incorporating":[51,210],"single-bit":[52],"differences":[53,90],"at":[54,67,91],"beginning":[56],"distinguishers":[59],"for":[60,112,214,233,281,310,317],"devising":[61],"key-recovery":[62],"attacks":[63,138],"ChaCha.":[65,319],"Notably,":[66],"ToSC":[68],"2023,":[69],"Bellini":[70,126],"<italic":[71,127,159],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[72,128,160,337,345,361,381,385],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">et":[73,129,161],"al</i>.":[74,130],"introduced":[75],"an":[76,105,205,261,307],"innovative":[77],"approach:":[78],"distinguisher":[81,97],"spanning":[82],"five":[83],"rounds,":[84],"takes":[86],"into":[87],"account":[88],"2-bit":[89],"beginning.":[93],"aforementioned":[95,303],"5-round":[96],"integrated":[98],"with":[99,200,348,374],"PNB":[101,241],"framework,":[102],"resulting":[103],"enhanced":[106,308],"key":[107,136,297,312,356],"recovery":[108,137,298,313,357],"specifically":[110,315],"tailored":[111],"7-round":[114,135],"cipher.":[116],"In":[117,180],"this":[118,183],"paper,":[119,163],"first,":[120],"we":[121,164,185,203,220,305,350],"revisit":[122],"work":[124],"show":[132],"that":[133,166],"their":[134],"are":[141],"impractical":[142],"insufficient":[145],"data.":[146],"Furthermore,":[147],"upon":[148],"thorough":[150],"reassessment":[151],"syncopation":[154],"technique":[155,189,226],"outlined":[156],"Wang":[158],"al</i>.\u2019s":[162],"observe":[165],"introducing":[167],"specific":[168],"conditions":[169],"computation":[172,235],"backward":[174,197,212,234,265,287],"bias":[175,198],"amplifies":[176],"data":[178,194,207,224,231,279,333,375],"complexity.":[179],"response":[181],"hurdle,":[184],"introduce":[186],"novel":[188,321],"effectively":[191],"leverage":[192],"rejected":[193],"calculation":[199],"conditions.":[201],"Subsequently,":[202],"formulate":[204],"adjusted":[206],"complexity":[208,250,334,342,378],"formula":[209],"all":[211],"biases":[213],"PNB-based":[216,296],"approach.":[218],"Second,":[219],"present":[221],"strategic":[223],"reduction":[225],"reduce":[228],"total":[230],"required":[232,280],"each":[237,282],"guess":[238,285],"non-":[240],"bits,":[242],"consequently":[243],"yielding":[244],"notable":[246],"improvement":[247],"time":[249,255,341,377],"analysis.":[251],"first":[254],"since":[256],"2008,":[257],"our":[258,323,354],"analysis":[259],"reveals":[260],"important":[262],"advancement":[263],"computation,":[266],"reducing":[267],"number":[269],"non-PNB":[271,283],"bit":[272,284],"guesses":[273],"decreasing":[275],"amount":[277],"during":[286],"computation.":[288],"These":[289],"enhancements":[290],"significantly":[291],"elevate":[292],"effectiveness":[294],"attacks.":[299],"Finally,":[300],"utilizing":[301],"ideas,":[304],"propose":[306],"framework":[309],"attack,":[314],"formalized":[316],"round-reduced":[318],"Using":[320],"techniques,":[322],"approach":[324],"successfully":[325,352],"breaks":[326],"seven":[327],"rounds":[328,364],"ChaCha,":[330],"achieving":[331],"2<sup":[336,344,380,384],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">101.15</sup>":[338],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">192.15</sup>.":[346],"Along":[347],"that,":[349],"have":[351],"presented":[353],"improved":[355],"ChaCha7.5<sup":[360],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">\u2295</sup>":[362],"(7.5":[363],"without":[367],"last":[369],"xor":[370],"left":[372],"rotation)":[373],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">101.14</sup>,":[382],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">230.58</sup>,":[386],"respectively.":[387]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}