The security evaluation of block ciphers relies on cryptanalytic techniques that are increasingly difficult to apply manually as designs grow in complexity and the number of rounds increases. This motivates the development of automatic and systematic tools that can explore large cryptanalytic search spaces, reduce human bias, and provide meaningful security bounds. This thesis investigates two complementary approaches to the automation of cryptanalysis. First, it focuses on the automation of differential cryptanalysis and its extension to advanced attack models based on this cryptanalysis through Constraint Programming (CP). We extend the Tagada, a CP framework, originally designed for differential attacks, to support boomerang and sandwich-style distinguishers. By modeling the composition of upper and lower differential trails in a unified optimization framework, we enable the automatic construction and evaluation of boomerang distinguishers, reaching the state-of-art results and discovering new ones in a more general approach. This contributes toward a more systematic and tool-assisted assessment of differential security. Second, this thesis studies the automation of cryptanalysis through machine learning. Due an unbalanced distribution, Neural distinguishers have shown strong empirical performance in distinguishing reduced-round block ciphers from random permutations, but they operate largely as black boxes and rely on implicit feature extraction. To make this process more systematic and interpretable, we introduce a generic feature-engineering technique based on partial decryption, which injects structural information about the cipher into neural distinguishers. This approach improves performance, enhances transparency, and clarifies the link between learned representations and classical differential properties. Overall, this work shows how optimization-based methods and machine-learning-based methods can be used as complementary tools for the automated analysis of block cipher security, helping bridge the gap between classical and data-driven cryptanalysis.
Brunelli, R. (2026). Automation of Differential Cryptanalysis through Constraint Programming and Machine Learning.
Automation of Differential Cryptanalysis through Constraint Programming and Machine Learning
Rocco Brunelli
2026-06-18
Abstract
The security evaluation of block ciphers relies on cryptanalytic techniques that are increasingly difficult to apply manually as designs grow in complexity and the number of rounds increases. This motivates the development of automatic and systematic tools that can explore large cryptanalytic search spaces, reduce human bias, and provide meaningful security bounds. This thesis investigates two complementary approaches to the automation of cryptanalysis. First, it focuses on the automation of differential cryptanalysis and its extension to advanced attack models based on this cryptanalysis through Constraint Programming (CP). We extend the Tagada, a CP framework, originally designed for differential attacks, to support boomerang and sandwich-style distinguishers. By modeling the composition of upper and lower differential trails in a unified optimization framework, we enable the automatic construction and evaluation of boomerang distinguishers, reaching the state-of-art results and discovering new ones in a more general approach. This contributes toward a more systematic and tool-assisted assessment of differential security. Second, this thesis studies the automation of cryptanalysis through machine learning. Due an unbalanced distribution, Neural distinguishers have shown strong empirical performance in distinguishing reduced-round block ciphers from random permutations, but they operate largely as black boxes and rely on implicit feature extraction. To make this process more systematic and interpretable, we introduce a generic feature-engineering technique based on partial decryption, which injects structural information about the cipher into neural distinguishers. This approach improves performance, enhances transparency, and clarifies the link between learned representations and classical differential properties. Overall, this work shows how optimization-based methods and machine-learning-based methods can be used as complementary tools for the automated analysis of block cipher security, helping bridge the gap between classical and data-driven cryptanalysis.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
