Stringology-Based Cryptanalysis (SBC) offers a suitable and a structurally aligned approach for uncovering structural patterns in stream ciphers that traditional statistical tests may often fail to detect. Despite \texttt{EChaCha20}'s design enhancements, no systematic investigation has been performed to determine whether its expanded 6$\times$6 state matrix and modified Quarter-Round Function (\texttt{QR-F}) introduce subtle keystream patterns, rotational biases, or partial collisions that could serve as statistical distinguishers. As such, addressing this gap is critical to ensure that the cipher's modifications do not unintentionally reduce its security margin. Therefore, this paper leverages Knuth-Morris-Pratt (\texttt{KMP}) and Boyer-Moore (\texttt{BM}) algorithms to analyze \texttt{EChaCha20}, which is a variant of ChaCha20 that features an expanded 6$\times$6 state matrix and an enhanced \texttt{QR-F}. The author has developed and optimized adaptations of the \texttt{KMP} and \texttt{BM} algorithms for 32-bit word level pattern analysis and employed them to investigate $m$-bit pattern frequency distributions to assess the \texttt{EChaCha20}'s resistance of rotational-differential attacks. Our experimental results on large-scale one million keystream datasets have confirmed that \texttt{EChaCha20} is able to maintain strong pseudorandomness at 16-bit and 32-bit levels with minor irregularities observed in the 8-bit domain. In addition to these, the differential tests have indicated a rapid diffusion, exhibiting an avalanche effect after two \texttt{QR-F} rounds and no statistically significant rotational collisions were observed within the evaluated bounds, consistent with expected ARX diffusion behavior beyond 3 rounds. This work puts forward SBC as a complementary tool for ARX cipher evaluation and provide new thoughts on the security properties of \texttt{EChaCha20}.

翻译：基于字符串学的密码分析（SBC）提供了一种合适且结构对齐的方法，用于揭示流密码中传统统计测试常无法检测的结构模式。尽管EChaCha20的设计有所增强，但尚未有系统性研究来确定其扩展的6×6状态矩阵和改进的四分之一轮函数（QR-F）是否引入了细微的密钥流模式、旋转偏差或部分碰撞，这些可能作为统计区分器。因此，填补这一空白至关重要，以确保密码的修改不会意外地降低其安全边界。为此，本文利用Knuth-Morris-Pratt（KMP）和Boyer-Moore（BM）算法分析EChaCha20——这是ChaCha20的一种变体，具有扩展的6×6状态矩阵和增强的QR-F。作者开发并优化了适用于32位字级模式分析的KMP和BM算法改编版，并将其用于研究m位模式频率分布，以评估EChaCha20抵抗旋转-差分攻击的能力。我们在大规模百万密钥流数据集上的实验结果表明，EChaCha20能够保持16位和32位级别的强伪随机性，而在8位域中观察到轻微的不规则性。此外，差分测试显示了快速扩散，在两个QR-F轮后出现雪崩效应，并且在评估的边界内未观察到统计上显著的旋转碰撞，这与超过3轮后的预期ARX扩散行为一致。本工作提出SBC作为ARX密码评估的补充工具，并为EChaCha20的安全特性提供了新见解。