Symmetric-key primitives designed over the prime field Fp with odd characteristics, rather than traditional Fn2 , are becoming most popular choice for MPC/FHE/ZK-protocols better efficiencies. However, security of is less understood as there highly nontrivial gaps when extending cryptanalysis tools and experiences built on in past few decades to Fp.At CRYPTO 2015, Sun et al. established links among impossible differential, zero-correlation linear, integral from perspective distinguishers. In this paper, following definition linear correlations by Baignères, Stern Vaudenay at SAC 2007, we successfully establish comprehensive Fp, reproducing proofs offering alternatives necessary. Interesting important differences between observed.- Zero-correlation hulls can not lead distinguishers some cases while always possible Fn2proven al..- When newly applied GMiMC, its hull be increased up 3 rounds cases, even an arbitrary number special limited which only appeared Fp. It should noted that all these do invalidate GMiMC’s claims.The development theories behind links, properties identified (be it similar or different) will bring clearer easier understanding emerging field, believe provide useful guides future design.

Load

Load