Evaluating CNF/SMT Encodings for SAT-Based Differential Cryptanalysis of Lightweight Block Ciphers
Articles in Press, Accepted Manuscript, Available Online from 01 May 2026
https://doi.org/10.22042/isecure.2026.242936
Marzieh Vahid Dastjerdi, Majid Rahimi, Iman Mirzaali Mazandarani, Sadegh Sadeghi
Abstract This study evaluates three encoding methods for automated differential cryptanalysis: (1) SMT formulations (using CVC), (2) standard CNF, and (3) size-optimised CNF (via Logic Friday). We assess these using four SAT/SMT solver types: single-core (CryptoMiniSat-v5, CaDiCaL), multicore (Treengeling), and massively parallel Mallob—novel to cryptanalysis. Encoding-solver combinations are tested on seven lightweight block ciphers representing distinct design philosophies: SPECK-32 and CHAM-64 (ARX structure), SIMON-32 (AND-RX structure), PRESENT, GIFT-128, and MIDORI-64 (4-bit S-box in SPN structure), and LBLOCK (Feistel structure). For each cipher, SAT/SMT instances targeting specific rounds and differential weights were generated, with wall-clock solving time, parallel efficiency, and modelling effort recorded. Our results establish criteria for optimal encoding-solver pairings that strike a balance between modelling simplicity and computational performance. Crucially, Mallob emerges as the state-of-the-art framework for large-scale automated differential cryptanalysis.