kste / cryptosmt

An easy to use tool for cryptanalysis of symmetric primitives based on SMT/SAT solvers.
MIT License
89 stars 36 forks source link

Algorithms/procedures #5

Closed nareshmuppalaneni closed 9 years ago

nareshmuppalaneni commented 10 years ago

Dear Author, May I know how the tool was developed. What are different algorithms used. Can you explain what are the steps involved.What is the input for SMT, from there what is the output to STP/cryptominisat

kste commented 10 years ago

The input to cryptoSMT is a set of parameters (cipher, rounds, target probability for differential characteristic, ...) and it constructs a problem instance in the CVC-language which is processable by STP. This is done by setting up the constraints (only allow valid differentials, ...) for the variables in each round. Additionally, there is a variable weight which is used to sum up all the probabilities and enables the tool to search for differential characteristics with a certain probability by assigning a fixed value to it.

The procedure of finding the best differential characteristic (--mode 0) for the given parameters is the following:

In this case the SAT solver is called implicitly by STP, as it is a SAT-solver based SMT-solver.

The SAT-solver is used explicitly in the case of computing/estimating the probability of a differential (--mode 4). STP is used to construct the CNF of the given SMT problem instance and then the SAT solver is called. This is done because for computing the probability of the differential we want to find many solutions to our given problem instance. The advantage of cryptominisat is that it keeps the state (learned clauses...) when searching for more solutions, which speeds up finding any subsequent solutions.

I hope I could clarify a few things. You might also want to read reference [1] given on the project site, which applies a similar approach to Salsa20.

git2109 commented 4 years ago

Hi, what is the role of python language in this smt solver?

hadipourh commented 4 years ago

Hi! For your information, CryptoSMT is not actually an SMT solver. It is actually a cryptographic tool which uses some SMT solvers such as STP, and Boolector, to solve some kinds of cryptographic problems. In other words, CryptoSMT uses Python language to create an SMT model, and then invokes an SMT solver to solve the obtained SMT model. Therefore, the main role of CryptoSMT is converting a cryptographic problem to an SMT model, and uses Python language to do that. Good luck!

git2109 commented 4 years ago

با سلام و تشکر از نکاتی که مرقوم فرمودید. من در حال کار روی یک تحلیل رمز با استفاده از حل کننده STP هستم. بسیار خوشحال شدم از اینکه بالاخره کسی پیدا شد که در این زمینه نسبتا خاص تبحر داشته باشه. اگر امکان داره برای درک بهتر یکی دو نکته دیگه از کارم که در مقاله اصلی خیلی خلاصه ذکر شده مزاحم وقتتان بشم.

On Sunday, April 12, 2020, 12:26:50 AM GMT+4:30, Hosein Hadipour <notifications@github.com> wrote:  

Hi! For your information, CryptoSMT is not actually an SMT solver. It is actually a cryptographic tool which uses some SMT solvers such as STP, and Boolector, to solve some kinds of cryptographic problems. In other words, CryptoSMT uses Python language to create an SMT model, and then invokes an SMT solver to solve the obtained STP model. Therefore, the main role of CryptoSMT is converting a cryptographic problem to an SMT model, and uses Python language to do that. Good luck!

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.

hadipourh commented 4 years ago

درود، مشکلی نیست ایمل من را می‌توانید در حساب گیت هاب بنده پیدا کنید. موفق باشید، حسین

On Sun, Apr 12, 2020, 3:34 PM mansour notifications@github.com wrote:

با سلام و تشکر از نکاتی که مرقوم فرمودید. من در حال کار روی یک تحلیل رمز با استفاده از حل کننده STP هستم. بسیار خوشحال شدم از اینکه بالاخره کسی پیدا شد که در این زمینه نسبتا خاص تبحر داشته باشه. اگر امکان داره برای درک بهتر یکی دو نکته دیگه از کارم که در مقاله اصلی خیلی خلاصه ذکر شده مزاحم وقتتان بشم.

On Sunday, April 12, 2020, 12:26:50 AM GMT+4:30, Hosein Hadipour < notifications@github.com> wrote:

Hi! For your information, CryptoSMT is not actually an SMT solver. It is actually a cryptographic tool which uses some SMT solvers such as STP, and Boolector, to solve some kinds of cryptographic problems. In other words, CryptoSMT uses Python language to create an SMT model, and then invokes an SMT solver to solve the obtained STP model. Therefore, the main role of CryptoSMT is converting a cryptographic problem to an SMT model, and uses Python language to do that. Good luck!

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/kste/cryptosmt/issues/5#issuecomment-612597689, or unsubscribe https://github.com/notifications/unsubscribe-auth/AGMCA2NI4SSNZFTWW6GN4YTRMGN2JANCNFSM4AYJLUYA .

git2109 commented 4 years ago

عنوان مقاله اینه: Observations on the SIMON block cipher family"

اما سوال من: در صحات اولیه مقاله ک مربوط به رمز سبک وزن سایمون هست برای تابع دور با استفاده از یک سری معادلات یک رابطه هم ارز بدست آورده . خواستم ببینم دقیقا چجوری بدست آورده؟ هم ارزی مذکور به صورت زیره: f (x) = x&; S d (x) from fa, b, c (x) =s a (x) & s b (x) + S c (x)

 On Sunday, April 12, 2020, 12:26:50 AM GMT+4:30, Hosein Hadipour <notifications@github.com> wrote:  

Hi! For your information, CryptoSMT is not actually an SMT solver. It is actually a cryptographic tool which uses some SMT solvers such as STP, and Boolector, to solve some kinds of cryptographic problems. In other words, CryptoSMT uses Python language to create an SMT model, and then invokes an SMT solver to solve the obtained STP model. Therefore, the main role of CryptoSMT is converting a cryptographic problem to an SMT model, and uses Python language to do that. Good luck!

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.