Division Cryptanalysis of Block Ciphers with a Binary Diffusion Layer.

In this study, the authors propose an accurate approach to model the propagation of the division property of linear layers by the smallest amount of inequalities. The solutions of the inequalities are exactly the division trails of a linear transformation. Therefore, the description is compact and optimal. As applications of their results, they present a 7-round integral distinguisher for both Midori64 and Midori128. The designers of Midori only obtained a 3.5-round integral characteristic. For Skinny64, they find a 10-round integral distinguisher which was previously found by the designers. It is well to remind that their result proves that 7 rounds and 10 rounds are the upper bounds of Midori and Skinny64 correspondingly when searching for integral distinguishers based on division property. The significance of their result lies in that they shed light on how far division cryptanalysis can influence the security analysis of block ciphers with a binary diffusion layer, and their technique can be used to prove security against division cryptanalysis.