Key points are not available for this paper at this time.
We investigate six authenticated encryption schemes (ACORN, ASCON-128a, ICEPOLE-128a, Ketje Jr, MORUS, and NORX-32) from the CAESAR competition. We aim at state recovery attacks using a SAT solver as a main tool. Our analysis reveals that these schemes, as submitted to CAESAR, provide strong resistance against SAT-based state recoveries. To shed a light on their security margins, we also analyse modified versions of these algorithms, including round-reduced variants and versions with higher security claims. Our attacks on such variants require only a few known plaintext-ciphertext pairs and small memory requirements (to run the SAT solver), whereas time complexity varies from very practical (few seconds on a desktop PC) to 'theoretical' attacks.
Dwivedi et al. (Sun,) studied this question.