New Distinguisher on Reduced-Round Keccak Sponge Function
(2019) In IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E102-A(1). p.242-250- Abstract
- The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient... (More)
- The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient and greatly improves the existing results. Finally we remark that our distinguishing attack on the the reduced-round Keccak will not threat the security margin of the Keccak sponge function. (Less)
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/aa0cce7e-7b3a-4cbf-b006-71147a90224b
- author
- Huang, Senyang LU ; Wang, Xiaoyun ; Xu, Guangwu ; Wang, Meiqin and Zhao, Jingyuan
- publishing date
- 2019
- type
- Contribution to journal
- publication status
- published
- subject
- in
- IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
- volume
- E102-A
- issue
- 1
- pages
- 242 - 250
- publisher
- IEICE
- external identifiers
-
- scopus:85059981958
- ISSN
- 0916-8508
- DOI
- 10.1587/transfun.E102.A.242
- language
- English
- LU publication?
- no
- id
- aa0cce7e-7b3a-4cbf-b006-71147a90224b
- date added to LUP
- 2021-12-03 13:03:45
- date last changed
- 2022-04-27 06:22:15
@article{aa0cce7e-7b3a-4cbf-b006-71147a90224b,
abstract = {{The security analysis of Keccak, the winner of SHA-3, has attracted considerable interest. Recently, some attention has been paid to distinguishing Keccak sponge function from random permutation. In EUROCRYPT'17, Huang et al. proposed conditional cube tester to recover the key of Keccak-MAC and Keyak and to construct practical distinguishing attacks on Keccak sponge function up to 7 rounds. In this paper, we improve the conditional cube tester model by refining the formulation of cube variables. By classifying cube variables into three different types and working the candidates of these types of cube variable carefully, we are able to establish a new theoretical distinguisher on 8-round Keccak sponge function. Our result is more efficient and greatly improves the existing results. Finally we remark that our distinguishing attack on the the reduced-round Keccak will not threat the security margin of the Keccak sponge function.}},
author = {{Huang, Senyang and Wang, Xiaoyun and Xu, Guangwu and Wang, Meiqin and Zhao, Jingyuan}},
issn = {{0916-8508}},
language = {{eng}},
number = {{1}},
pages = {{242--250}},
publisher = {{IEICE}},
series = {{IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences}},
title = {{New Distinguisher on Reduced-Round Keccak Sponge Function}},
url = {{http://dx.doi.org/10.1587/transfun.E102.A.242}},
doi = {{10.1587/transfun.E102.A.242}},
volume = {{E102-A}},
year = {{2019}},
}