Analysis of Division Property using MILP Method for Lightweight Blockcipher Piccolo

摘要

Division property is a generalized integral property which is a security evaluation against blockciphers. The Mixed Integer Linear Programming (MILP) method has been proposed to enable a more effective search of division property. In addition, improved MILP method proposed by Ling enables to apply Non-Bit -Permutation Linear layers. By using improved MILP method, we have advantage in division property analysis of Piccolo. In this paper, we revise and verify known evaluation results shown by Kubo and Shibayama. As the result, the validity of 8th and 12th evaluations are confirmed. Regarding 24th and 32nd evaluation, the validity concerning the analysis of Kubo and the effectiveness of MILP without SizeReduce are confirmed. Regarding 48th evaluation, we cannot find 7-round characteristic which is suggested from result of higher-order differential property shown by Shibayama. However, we found that assumption based on that 6-round 32nd order differential property can be extended is not appropriate. We confirmed this fact by computer simulations and conclude that 48th order characteristic does not hold after 7th round. For 63rd characteristic, we discover new result of 7-round division property which is one more round than known result. Therefore, we can clarify the characteristics of 63rd order which is theoretically upper-bound of Piccolo.