The boomerang connectivity table (BCT) was introduced by C. Cid et al. Using the BCT, for SPN block cipher, the dependency between sub-ciphers in boomerang structure can be computed more precisely. However, the existing method to generate BCT is difficult to be applied to the ARX-based cipher, because of the huge domain size. In this paper, we show a method to compute the dependency between sub-ciphers in boomerang structure for modular addition. Using bit relation in modular addition, we compute the dependency sequentially in bitwise. And using this method, we find boomerang characteristics and amplified boomerang characteristics for the ARX-based ciphers LEA and SPECK. For LEA-128, we find a reduced 15-round boomerang characteristic and reduced 16-round amplified boomerang characteristic which is two rounds longer than previous boomerang characteristic. Also for SPECK64/128, we find a reduced 13-round amplified boomerang characteristic which is one round longer than previous rectangle characteristic.

SQUARE is an 8-round SPN structure block cipher and its round function and key schedule have been slightly modified to design building blocks of Rijndael. Key schedule of SQUARE is simple and efficient but fully affine, so we apply a related-key attack on it. We find a 3-round related-key differential trail with probability 2-28, which has zero differences both on its input and output states, which is called local collision in [6]. By extending of this related-key differential, we construct a successful attack on full rounds of SQUARE. In this paper, we present a key recovery attack on full rounds of SQUARE using a related-key boomerang distinguisher. We construct a 7-round related-key boomerang distinguisher with probability 2-119 by finding local collision, and calculate its probability using ladder switch and multiple path estimation techniques. As a result, one round on top of the distinguisher is added to construct an attack on full rounds of SQUARE which recovers 16-bit key information with 2123 encryptions and 2121 data.