On additive differential probabilities of the composition of bitwise exclusive-or and a bit rotation

arXiv:2303.04097v2 Announce Type: replace
Abstract: Properties of the additive differential probability $\mathrm{adp}^{\mathrm{XR}}$ of the composition of bitwise XOR and a bit rotation are investigated, where the differences are expressed using addition modulo $2^n$. This composition is widely used in ARX constructions consisting of additions modulo $2^n$, bit rotations and bitwise XORs. Differential cryptanalysis of such primitives may involve maximums of $\mathrm{adp}^{\mathrm{XR}}$, where some of its input or output differences are fixed. Although there is an efficient way to calculate this …

addition adp arxiv bitwise cs.cr exclusive rotation xor