Algebraic Collision Attacks on Keccak

被引：4

作者：

Boissier, Rachelle Heim ^{[1
]}

Nous, Camille ^{[2
]}

Rotella, Yann ^{[1
]}

机构：

[1] Univ Paris Saclay, UVSQ, CNRS, Lab Math Versailles, F-78000 Versailles, France

[2] Lab Cogitamus, Paris, Ile De France, France

来源：

IACR TRANSACTIONS ON SYMMETRIC CRYPTOLOGY | 2021年 / 2021卷 / 01期

关键词：

Keccak; Algebraic Cryptanalysis; Hash functions; Linearization; Collision attack; REDUCED KECCAK;

D O I：

10.46586/tosc.v2021.i1.239-268

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

In this paper, we analyze the collision resistance of the two smallest versions of KECCAK which have a width of 200 and 400 bits respectively. We show that algebraic and linearization techniques can serve collision cryptanalysis by using some interesting properties of the linear part of the round function of KECCAK. We present an attack on the KECCAK versions that could be used in lightweight cryptography reduced to two rounds. For KECCAK[40, 160] (resp. KECCAK[72, 128] and KECCAK[144, 256]) our attack has a computational complexity of 273 (resp. 252.5 and 2101.5) KECCAK calls.

引用

页码：239 / 268

页数：30

共 35 条

[1]

[Anonymous], 2011, The keccak reference

[2]

[Anonymous], 1995, Cipher and hash function design strategies based on linear and differential cryptanalysis

[3]

[Anonymous], 1994, ACM C COMP COMM SEC

[4]

BDP+16 Bertoni G., 2016, Submission to the CAESAR Competition

[5]

Bertoni G., 2011, Cryptographic sponge functions

[6]

Bertoni G., ECRYPT HASH WORKSH C

[7]

Bertoni G, 2008, LECT NOTES COMPUT SC, V4965, P181

[8]

Bertoni G, 2013, LECT NOTES COMPUT SC, V7881, P313, DOI 10.1007/978-3-642-38348-9_19

[9]

Bertoni Guido, 2008, KECCAK CRUNCHY CRYPT

[10]

Bertoni Guido, ADV CRYPTOLOGY EUROC

← 1 2 3 4 →