This repository includes the source code of tools we used in our paper entitled Throwing Boomerangs into Feistel Structures: Application to CLEFIA, WARP, LBlock, LBlock-s and TWINE.

• An Efficient Automatic Tool to Search for Boomerang Distinguishers
  • Prerequisites
  • Usage
  • S-box Analyzer
  • Paper
  • License

Our tool to find distinguishers is written in Python3 and requires the following software:

• Gurobi
• Tex Live

Our tool is written in Python3 and follows the modular design paradigm. For instance, one module provides a simple user interface for the user, one module finds the truncated differential trails according to the method described in our paper, and another module instantiates the discovered truncated trails and computes the differential effect. There is also another module that generates the shape of the discovered distinguisher. For the experimental evaluations we have employed the C implementations provided by the designers of targeted ciphers.

The usage of our tool is the same for all applications. Thus we only show its usage for WARP. Our tool for WARP is located here. To see a brief documentation of parameters, run the following command:

python3 boom.py --help

For example to reproduce our distinguisher for 14 rounds of WARP, you can use the following command:

python3 boom.py -r0 2 -rm 10 -r1 2 -w0 6 -wm 3 -w1 6

Running this command, leaves a .tex file named bmd.tex within the working directory. By compiling bmd.tex using the following command, you can generate the shape of the discovered distinguisher in PDF format:

latexmk -pdf bmd.tex

The result of running the above command is a shape like this:

To compute the probability of boomerang switch in our 14-round boomerang distinguisher for WARP based on the FBCT framework, refer to warp/theoretical-evaluation and see the README. For experimental verifications refer to warp/experimental-evaluation and see the README.

As another example, to reproduce our distinguisher for 23 rounds of WARP, you can run the following command:

python3 boom.py -r0 6 -rm 10 -r1 7 -w0 2 -wm 1 -w1 2

Running the above command leaves a bmd.tex file in the working directory. By compiling this file using latexmk -pdf bmd.tex command you can generate the shape of the distinguisher in PDF format.

Our tool for encoding the DDT, LAT and the MPT of S-boxes is available here.

If you use our codes in a project resulting in an academic publication, please acknowledge it by citing our paper:

@article{DBLP:journals/tosc/HadipourNE22,
  author    = {Hosein Hadipour and
               Marcel Nageler and
               Maria Eichlseder},
  title     = {Throwing Boomerangs into Feistel Structures Application to CLEFIA,
               WARP, LBlock, LBlock-s and {TWINE}},
  journal   = {{IACR} Trans. Symmetric Cryptol.},
  volume    = {2022},
  number    = {3},
  pages     = {271--302},
  year      = {2022},
  doi       = {10.46586/tosc.v2022.i3.271-302}
}

Our tool is released under the MIT license.