The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
A análise de segurança do Keccak, vencedor do SHA-3, atraiu considerável interesse. Recentemente, alguma atenção foi dada à distinção entre a função da esponja Keccak e a permutação aleatória. No EUROCRYPT'17, Huang et al. propôs um testador de cubo condicional para recuperar a chave de Keccak-MAC e Keyak e para construir ataques práticos de distinção na função de esponja Keccak em até 7 rodadas. Neste artigo, melhoramos o modelo do testador de cubo condicional refinando a formulação das variáveis do cubo. Classificando as variáveis de cubo em três tipos diferentes e trabalhando cuidadosamente os candidatos desses tipos de variáveis de cubo, somos capazes de estabelecer um novo diferenciador teórico na função esponja de Keccak de 8 rodadas. Nosso resultado é mais eficiente e melhora muito os resultados existentes. Finalmente, observamos que nosso ataque distinto ao Keccak de rodada reduzida não ameaçará a margem de segurança da função esponja Keccak.
Senyang HUANG
Tsinghua University,University of Haifa
Xiaoyun WANG
Tsinghua University,Shandong University
Guangwu XU
University of Wisconsin-Milwaukee
Meiqin WANG
Shandong University
Jingyuan ZHAO
Chinese Academy of Sciences
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copiar
Senyang HUANG, Xiaoyun WANG, Guangwu XU, Meiqin WANG, Jingyuan ZHAO, "New Distinguisher on Reduced-Round Keccak Sponge Function" in IEICE TRANSACTIONS on Fundamentals,
vol. E102-A, no. 1, pp. 242-250, January 2019, doi: 10.1587/transfun.E102.A.242.
Abstract: The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient and greatly improves the existing results. Finally we remark that our distinguishing attack on the the reduced-round Keccak will not threat the security margin of the Keccak sponge function.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E102.A.242/_p
Copiar
@ARTICLE{e102-a_1_242,
author={Senyang HUANG, Xiaoyun WANG, Guangwu XU, Meiqin WANG, Jingyuan ZHAO, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={New Distinguisher on Reduced-Round Keccak Sponge Function},
year={2019},
volume={E102-A},
number={1},
pages={242-250},
abstract={The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient and greatly improves the existing results. Finally we remark that our distinguishing attack on the the reduced-round Keccak will not threat the security margin of the Keccak sponge function.},
keywords={},
doi={10.1587/transfun.E102.A.242},
ISSN={1745-1337},
month={January},}
Copiar
TY - JOUR
TI - New Distinguisher on Reduced-Round Keccak Sponge Function
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 242
EP - 250
AU - Senyang HUANG
AU - Xiaoyun WANG
AU - Guangwu XU
AU - Meiqin WANG
AU - Jingyuan ZHAO
PY - 2019
DO - 10.1587/transfun.E102.A.242
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E102-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2019
AB - The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient and greatly improves the existing results. Finally we remark that our distinguishing attack on the the reduced-round Keccak will not threat the security margin of the Keccak sponge function.
ER -