Paper 2012/238
The Boomerang Attacks on the Round-Reduced Skein-512
Hongbo Yu, Jiazhe Chen, and XIaoyun Wang
Abstract
The hash function Skein is one of the five finalists of the NIST SHA-3 competition;it is based on the block cipher Threefish which only uses three primitive operations: modular addition, rotation and bitwise XOR (ARX). This paper studies the boomerang attacks on Skein-512. Boomerang distinguishers on the compression function reduced to 32 and 36 rounds are proposed, with complexities 2^{104.5} and 2^{454} respectively. Examples of the distinguishers on 28-round and 31-round are also given. In addition, the boomerang distinguishers are applicable to the key-recovery attacks on reduced Threefish-512. The complexities for key-recovery attacks reduced to 32-/33-/34-round are about 2^{181}, 2^{305} and 2^{424}. Because Laurent et al. [14] pointed out that the previous boomerang distinguishers for Threefish-512 are in fact not compatible, our attacks are the first valid boomerang attacks for the final round Skein-512.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Contact author(s)
- yuhongbo @ mail tsinghua edu cn
- History
- 2012-04-30: received
- Short URL
- https://ia.cr/2012/238
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2012/238, author = {Hongbo Yu and Jiazhe Chen and XIaoyun Wang}, title = {The Boomerang Attacks on the Round-Reduced Skein-512}, howpublished = {Cryptology {ePrint} Archive, Paper 2012/238}, year = {2012}, url = {https://eprint.iacr.org/2012/238} }