Cryptology ePrint Archive: Report 2011/175

Analysis of reduced-SHAvite-3-256 v2

Marine Minier, Maria Naya-Plasencia, and Thomas Peyrin

Abstract: In this article, we provide the first independent analysis of the (2nd-round tweaked) 256-bit version of the SHA-3 candidate SHAvite-3. By leveraging recently introduced cryptanalysis tools such as rebound attack or Super-Sbox cryptanalysis, we are able to derive chosen-related-salt distinguishing attacks on the compression function on up to 8 rounds (12 rounds in total) and free-start collisions on up to 7 rounds. In particular, our best results are obtained by carefully controlling the differences in the key schedule of the internal cipher. Most of our results have been implemented and verified experimentally.

Category / Keywords: secret-key cryptography / rebound attack, Super-Sbox, collision, distinguisher, SHAvite-3, SHA-3

Publication Info: Extended version of the paper accepted at FSE 2011

Date: received 5 Apr 2011

Contact author: marine minier at insa-lyon fr

Available formats: PDF | BibTeX Citation

Version: 20110405:085927 (All versions of this report)

Discussion forum: Show discussion | Start new discussion