On properties of additive differential probabilities of XOR

The additive differential probability of exclusive-or $\mathrm{adp}^{\oplus}(\alpha, \beta, \gamma)$, where $\alpha, \beta, \gamma \in \mathbb{Z}_{2}^{n}$, is studied. It is used in the analysis of symmetric-key primitives that combine XOR and modular addition, such as Addition-Rotation-XOR (ARX) constructions. We focus on the maximal differentials which are helpful when constructing differential trails. It is proven that $\max_{\alpha, \beta} \mathrm{adp}^{\oplus}(\alpha,\beta,\gamma) = \mathrm{adp}^{\oplus}(0,\gamma,\gamma)$. In addition, there exist either $2$ or $8$ distinct pairs ($\alpha$, $\beta$) such that $\mathrm{adp}^{\oplus}(\alpha,\beta,\gamma) = \mathrm{adp}^{\oplus}(0,\gamma,\gamma)$. Also, we obtain a simplified representation of $\mathrm{adp}^{\oplus}(0,\gamma,\gamma)$ and formula for $\min_{\gamma}\mathrm{adp}^{\oplus}(0,\gamma,\gamma)$.