The relevance of the related-key model is usually controversial. However, in some cases, related-key properties have already been used to reduce the effective key length of the cipher in the single-key model. Hence, research into this direction can be helpful to bridge the gap between theory and practice aspects of the related-key model. Motivated by this challenge, the authors develop a new framework to provide further evidence that deterministic related-key characteristics can be utilised in the single-key model. The authors describe a sound framework for utilising related-key higher-order differential distinguishers that can beat the boundaries given by exhaustive key search. The data required is only one known as plaintext–ciphertext pair if the number of ciphertext bits matches the key length. From a theoretical point of view, the connection between related-key higher-order differential properties and the security of cryptographic primitives in the single-key model are precised. From a practical point of view, the proposed framework is used to evaluate the security of Agrasta cipher which is a variant of Rasta cipher presented at CRYPTO 2018. The proposed method is the first analysis of Agrasta reduced to three rounds that performs better than exhaustive key search and is independent of the used linear layers.

中文翻译：

---

使用相关关键字高阶差分特性进行快速关键字搜索的框架：对Agrasta的应用

通常，相关密钥模型的相关性存在争议。但是，在某些情况下，相关密钥属性已被用于减少单密钥模型中密码的有效密钥长度。因此，对此方向的研究可能有助于弥合相关密钥模型的理论和实践方面之间的差距。受这一挑战的驱使，作者开发了一个新框架，以提供进一步的证据，证明可以在单键模型中利用确定性的相关键特征。作者描述了一个合理的框架，该框架可利用相关键高阶差分识别器来克服穷举键搜索所给出的边界。如果密文位数与密钥长度匹配，则所需的数据只有一个称为明文-密文对。从理论上讲 精确地描述了单密钥模型中相关密钥高阶差分特性与密码基元的安全性之间的联系。从实践的角度来看，所提议的框架用于评估Agrasta密码的安全性，该密码是在CRYPTO 2018上提出的Rasta密码的一种变体。所提出的方法是对Agrasta简化为三轮的第一个分析，其性能优于穷举密钥搜索，并且与使用的线性层无关。