全9轮及缩减轮次Kuznyechik密码的扩展c-差分区分器 (Extended c-differential distinguishers of full 9 and reduced-round Kuznyechik cipher)

This paper introduces {\em truncated inner $c$-differential cryptanalysis}, a novel technique that for the first time enables the practical application of $c$-differential uniformity to block ciphers. While Ellingsen et al. (IEEE Trans. Inf. Theory, 2020) established the notion of $c$-differential uniformity using $(F(x\oplus a), cF(x))$, a key challenge remained: multiplication by $c$ disrupts the structural properties essential for block cipher analysis, particularly key addition. We resolve this challenge by developing an \emph{inner} $c$-differential approach where multiplication by $c$ affects the input: $(F(cx\oplus a), F(x))$. We prove that the inner $c$-differential uniformity of a function $F$ equals the outer $c$-differential uniformity of $F^{-1}$, establishing a fundamental duality. This modification preserves cipher structure while enabling practical cryptanalytic applications. Our main contribution is a comprehensive multi-faceted statistical-computational framework, implementing truncated $c$-differential analysis against the full 9-round Kuznyechik cipher with no key pre-whitening (the inner $c$-differentials are immune to the key whitening at the backend). Through extensive computational analysis involving millions of differential pairs, we demonstrate statistically significant non-randomness across all tested round counts. For the full 9-round cipher, we identify multiple configurations triggering critical security alerts, with bias ratios reaching $1.7\times$ and corrected p-values as low as $1.85 \times 10^{-3}$, suggesting insufficient security margin against this new attack vector. This represents the first practical distinguisher against a full 9-round Kuznyechik variant.

翻译：本文提出了一种新颖的{\em 截断内$c$-差分密码分析}技术，首次实现了$c$-差分均匀性在分组密码中的实际应用。尽管Ellingsen等人（IEEE Trans. Inf. Theory, 2020）利用$(F(x\oplus a), cF(x))$建立了$c$-差分均匀性的概念，但一个关键挑战依然存在：乘以$c$的运算破坏了分组密码分析所需的结构特性，特别是密钥加操作。我们通过发展一种\emph{内}$c$-差分方法解决了这一挑战，其中乘以$c$的运算作用于输入：$(F(cx\oplus a), F(x))$。我们证明了函数$F$的内$c$-差分均匀性等于其逆函数$F^{-1}$的外$c$-差分均匀性，从而建立了基本的对偶关系。这种改进在保持密码结构完整性的同时，实现了实用的密码分析应用。我们的主要贡献是构建了一个全面的多维度统计-计算框架，对无密钥预白化的完整9轮Kuznyechik密码实施截断$c$-差分分析（内$c$-差分对后端密钥白化具有免疫性）。通过涉及数百万差分对的大规模计算分析，我们在所有测试轮次数上均证明了统计显著的非随机性。针对完整9轮密码，我们识别出多个触发关键安全警报的配置，其偏差比达到$1.7\times$，校正p值低至$1.85 \times 10^{-3}$，表明该密码对这种新型攻击向量的安全裕度不足。这标志着首次实现对完整9轮Kuznyechik变体的实用区分器。