The multistep solving strategy consists in a divide-and-conquer approach: when a multivariate polynomial system is computationally infeasible to solve directly, one variable is assigned over the elements of the base finite field, and the procedure is recursively applied to the resulting simplified systems. In a previous work by the same authors (among others), this approach proved effective in the algebraic cryptanalysis of the Trivium cipher. In this paper, we present a new formulation of the corresponding algorithm based on a Depth-First Search strategy, along with a novel complexity analysis leveraging tree structures. We also introduce the notion of an "oracle function", which is intended to determine whether evaluating a new variable is required to simplify the current polynomial system. This notion allows us to unify all previously proposed variants of the multistep strategy, including the classical hybrid approach, by appropriately selecting the oracle function. Finally, we employ the multistep solving strategy in the cryptanalysis of the NSA's recently introduced low-latency block cipher Aradi, achieving a first full-round algebraic attack that exposes structural features in its symbolic model.
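The depth-first recursion with a pluggable oracle can be sketched on a toy system over GF(2). This is an added illustration, not the paper's algorithm or code: the names `multistep`, `hybrid`, `until_linear` and `SYSTEM` are hypothetical, exhaustive search stands in for the final algebraic solver, and the five-equation system is constructed for the example.

```python
from itertools import product

# Polynomial over GF(2): frozenset of monomials; monomial: frozenset of
# variable indices (the empty frozenset is the constant 1).
def substitute(poly, var, val):
    out = set()
    for m in poly:
        if var in m and val == 0:
            continue                      # monomial vanishes
        out ^= {m - {var}}                # x_var = 1 drops out; XOR adds mod 2
    return frozenset(out)

def variables(system):
    return sorted({v for p in system for m in p for v in m})

def solve_directly(system, assignment):
    # Assumption: exhaustive search stands in for the final algebraic solver.
    free, sols = variables(system), []
    for vals in product((0, 1), repeat=len(free)):
        s = system
        for v, b in zip(free, vals):
            s = [substitute(p, v, b) for p in s]
        if all(len(p) == 0 for p in s):
            sols.append({**assignment, **dict(zip(free, vals))})
    return sols

def multistep(system, oracle, assignment=None, stats=None):
    assignment = assignment or {}
    stats = stats if stats is not None else {"leaves": 0}
    if any(p == {frozenset()} for p in system):
        return [], stats                  # an equation reads 1 = 0: prune
    free = variables(system)
    if not free or not oracle(system, assignment):
        stats["leaves"] += 1              # leaf: hand the system to the solver
        return solve_directly(system, assignment), stats
    sols = []
    for val in (0, 1):                    # depth-first over the guessed variable
        sub = [substitute(p, free[0], val) for p in system]
        sols += multistep(sub, oracle, {**assignment, free[0]: val}, stats)[0]
    return sols, stats

def hybrid(k):                            # classical hybrid: always guess k variables
    return lambda system, assignment: len(assignment) < k
def until_linear(system, assignment):     # guess while any monomial has degree > 1
    return any(len(m) > 1 for p in system for m in p)

# Constructed toy system; unique solution x0=1, x1=0, x2=1, x3=1.
P = lambda *monos: frozenset(frozenset(m) for m in monos)
SYSTEM = [P((0, 1), (2,), ()), P((1, 2), (3,), (0,)), P((0, 3), (1,), ()),
          P((2, 3), (0,)), P((0,), (1,), (2,), (3,), ())]
```

The `leaves` counter records how many subsystems reach the final solver, which is the quantity a tree-based cost estimate would weigh against the per-leaf solving cost.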