In an XOR-based alternating block cipher the plaintext is masked by a sequence of layers, each performing a distinct action: a highly nonlinear permutation, a linear transformation, and the bitwise addition of the round key. When assessing resistance against classical differential attacks, where differences are computed with respect to XOR, the cryptanalyst only needs to account for the differential probabilities introduced by the nonlinear layer, since it is the only layer whose differential transitions are not deterministic: an XOR difference passes through the linear layer and through the key addition with probability one. The temptation to compute differentials with respect to another difference operation runs into the difficulty of understanding how such differentials propagate through the XOR-affine layers of the cipher. In this paper we introduce a special family of braces that enables the derivation of a set of differences whose interaction with every layer of an XOR-based alternating block cipher can be understood. We show that such braces can also be described in terms of alternating binary algebras of nilpotency class two. Additionally, we present a method to compute the automorphism group of these structures through an equivalence between bilinear maps. By doing so, we characterise the XOR-linear permutations for which the differential transitions with respect to the new difference are deterministic, facilitating an alternative differential attack.
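As an added illustration, and not code from the paper, the following Python script builds a toy 3-bit instance of the setting described above: an alternating bilinear map b of nilpotency class two (the specific map is an assumption chosen for this example), the abelian operation x ∘ y = x ⊕ y ⊕ b(x, y) that it induces alongside ⊕, a constructed 3-bit S-box, the XOR key additions, and every invertible XOR-linear map on three bits. It then checks, by enumerating all pairs of inputs, which layers have deterministic differential transitions with respect to ⊕ and with respect to ∘.

```python
"""Added illustration, not code from the paper: how XOR differences and an
alternative difference propagate through the three layer types of a 3-bit
XOR-based alternating cipher.  The bilinear map b, the operation ∘ built
from it and the S-box are constructed for this toy (assumptions)."""
from collections import defaultdict
from itertools import product

N = 3
ELEMS = range(1 << N)

def bit(x, i):
    return (x >> i) & 1

def b(x, y):
    """Constructed alternating bilinear map b(x, y) = (x1*y2 + x2*y1) e3.
    b(x, x) = 0, and b(b(x, y), z) = b(x, b(y, z)) = 0 because b ignores the
    third coordinate: the binary algebra has nilpotency class two."""
    return ((bit(x, 0) & bit(y, 1)) ^ (bit(x, 1) & bit(y, 0))) << 2

def circ(x, y):
    """Alternative abelian group operation x ∘ y = x ⊕ y ⊕ b(x, y)."""
    return x ^ y ^ b(x, y)

def circ_inverse(x):
    return next(y for y in ELEMS if circ(x, y) == 0)

def check_brace_axioms():
    """b alternating and class-two nilpotent; ∘ an abelian group with identity 0."""
    E = list(ELEMS)
    return (all(b(x, x) == 0 for x in E)
            and all(b(b(x, y), z) == 0 and b(x, b(y, z)) == 0 for x, y, z in product(E, repeat=3))
            and all(circ(x, y) == circ(y, x) for x, y in product(E, repeat=2))
            and all(circ(circ(x, y), z) == circ(x, circ(y, z)) for x, y, z in product(E, repeat=3))
            and all(circ(x, 0) == x for x in E))

def xor_diff(x, y):
    return x ^ y

def circ_diff(x, y):
    """Difference with respect to ∘: x ∘ y^{-1}."""
    return circ(x, circ_inverse(y))

def transitions(f, diff):
    """Input difference -> set of output differences of f over all pairs with that input difference."""
    table = defaultdict(set)
    for x, y in product(ELEMS, repeat=2):
        table[diff(x, y)].add(diff(f(x), f(y)))
    return dict(table)

def is_deterministic(f, diff):
    """True when every input difference has exactly one possible output difference."""
    return all(len(outs) == 1 for outs in transitions(f, diff).values())

def transition_map(f, diff):
    """The deterministic transition as a dict; raises if f is probabilistic under diff."""
    t = transitions(f, diff)
    if any(len(outs) != 1 for outs in t.values()):
        raise ValueError("transition is not deterministic")
    return {d: next(iter(outs)) for d, outs in t.items()}

SBOX = [0, 1, 3, 6, 7, 4, 5, 2]          # constructed 3-bit S-box (a permutation)

def key_add(k):
    return lambda x: x ^ k

def apply_matrix(cols, x):
    """cols[i] is the image of basis vector e_i; returns the matrix-vector product over F_2."""
    out = 0
    for i in range(N):
        if bit(x, i):
            out ^= cols[i]
    return out

def invertible_matrices():
    for cols in product(ELEMS, repeat=N):
        if len({apply_matrix(cols, x) for x in ELEMS}) == 1 << N:
            yield cols

def is_circ_automorphism(cols):
    """XOR-linear λ that is also ∘-linear: λ(x ∘ y) = λ(x) ∘ λ(y) for all x, y."""
    return all(apply_matrix(cols, circ(x, y)) == circ(apply_matrix(cols, x), apply_matrix(cols, y))
               for x, y in product(ELEMS, repeat=2))

def key_addition_maps(diff):
    """Transition map of x -> x ⊕ k for every key k (deterministic once k is fixed)."""
    return {k: transition_map(key_add(k), diff) for k in ELEMS}

def linear_layer_summary():
    """(#invertible λ, #deterministic w.r.t. ∘, #∘-automorphisms, whether the two sets coincide)."""
    mats = list(invertible_matrices())
    det = {m for m in mats if is_deterministic(lambda x, m=m: apply_matrix(m, x), circ_diff)}
    aut = {m for m in mats if is_circ_automorphism(m)}
    return len(mats), len(det), len(aut), det == aut

if __name__ == "__main__":
    print("S-box deterministic under XOR:", is_deterministic(SBOX.__getitem__, xor_diff))
    print("distinct key-addition maps under ∘:",
          len({tuple(sorted(m.items())) for m in key_addition_maps(circ_diff).values()}))
    print("linear layer (total, deterministic under ∘, automorphisms, equal):", linear_layer_summary())
```

In this toy the S-box is probabilistic under XOR while every key addition and all 168 invertible XOR-linear maps are deterministic, which is the classical situation. With respect to ∘ the picture changes in the way the abstract describes: an XOR key addition is still deterministic once the key is fixed, but the induced map on differences depends on the key (four distinct maps across the eight keys, and only keys in the image of b leave every difference untouched), and among the XOR-linear maps exactly the 24 that fix e3 are deterministic, which here coincide with the ∘-automorphisms. The paper's general characterisation is not reproduced by this example; it only exhibits the phenomenon on a case small enough to enumerate.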