8th International Conference on Information Systems Security and Privacy (ICISSP), ELECTR NETWORK, 9 - 11 Şubat 2022, ss.202-209
Ascon and DryGASCON are very similar designs that were submitted to NIST's lightweight cryptography standardization process. While Ascon made it to the finals, DryGASCON was eliminated in the second round. We analyze these algorithms against truncated, linear and differential-linear distinguishers to compare their security. We correct 2, 3, 3.5-round truncated differentials and 5-round differential-linear distinguishers that were given for DryGASCON-128. Moreover, we provide the longest practical differential-linear distinguisher of DryGASCON-128. Finally, we compare the security of Ascon-128 and DryGASCON-128 against differential-linear cryptanalysis.