This paper introduces {\em truncated inner $c$-differential cryptanalysis}, a technique that enables the practical application of $c$-differential uniformity to block ciphers. While Ellingsen et al. (IEEE Trans. Inf. Theory, 2020) established the notion of $c$-differential uniformity by analyzing the equation $F(x\oplus a) \oplus cF(x) = b$, a key challenge remained: the outer multiplication by $c$ disrupts the structural properties essential for block cipher analysis, particularly key addition. We address this challenge by developing an \emph{inner} $c$-differential approach where multiplication by $c$ affects the input: $(F(cx\oplus a), F(x))$, thereby returning to the original idea of Borisov et al. (FSE, 2002). We prove that the inner $c$-differential uniformity of a function $F$ equals the outer $c$-differential uniformity of $F^{-1}$, establishing a duality between the two notions. This modification preserves cipher structure while enabling practical cryptanalytic applications. We apply our methodology to Kuznyechik (GOST R 34.12-2015) without initial key whitening. For reduced rounds, we construct explicit $c$-differential trails achieving probability $2^{-84.0}$ for two rounds and $2^{-169.7}$ for three rounds, representing improvements of 5.2 and 4.6 bits respectively over the best classical differential trails. For the full 9-round cipher, we develop a statistical truncated $c$-differential distinguisher. Through computational analysis involving millions of differential pairs, we identify configurations with bias ratios reaching $1.7\times$ and corrected p-values as low as $1.85 \times 10^{-3}$. The distinguisher requires data complexity $2^{33}$ chosen plaintext pairs, time complexity $2^{34}$, and memory complexity $2^{16}$.

翻译：本文提出了{\em 截断内部$c$差分密码分析}技术，该技术使得$c$差分均匀性能够实际应用于分组密码的分析。Ellingsen等人（IEEE Trans. Inf. Theory, 2020）通过分析方程$F(x\oplus a) \oplus cF(x) = b$建立了$c$差分均匀性的概念，但一个关键挑战仍然存在：外部与$c$的乘法破坏了分组密码分析（尤其是密钥加操作）所必需的结构特性。我们通过发展一种\emph{内部}$c$差分方法来解决这一挑战，其中与$c$的乘法作用于输入：$(F(cx\oplus a), F(x))$，从而回归到Borisov等人（FSE, 2002）的原始思想。我们证明了函数$F$的内部$c$差分均匀性等于其逆函数$F^{-1}$的外部$c$差分均匀性，从而确立了两种概念之间的对偶关系。这一修改在保持密码结构的同时，实现了实际的密码分析应用。我们将该方法应用于不含初始密钥白化的Kuznyechik密码（GOST R 34.12-2015）。对于缩减轮次版本，我们构建了显式的$c$差分轨迹，其概率在两轮时达到$2^{-84.0}$，在三轮时达到$2^{-169.7}$，相较于最佳经典差分轨迹分别提升了5.2比特和4.6比特。对于完整的9轮密码，我们开发了一种统计截断$c$差分区分器。通过涉及数百万差分对的计算分析，我们识别出偏倚比高达$1.7\times$、校正p值低至$1.85 \times 10^{-3}$的配置。该区分器所需的数据复杂度为$2^{33}$个选择明文对，时间复杂度为$2^{34}$，内存复杂度为$2^{16}$。