Cryptology ePrint Archive: Report 2012/238

The Boomerang Attacks on the Round-Reduced Skein-512

Hongbo Yu and Jiazhe Chen and XIaoyun Wang

Abstract: The hash function Skein is one of the five finalists of the NIST SHA-3 competition;it is based on the block cipher Threefish which only uses three primitive operations: modular addition, rotation and bitwise XOR (ARX). This paper studies the boomerang attacks on Skein-512. Boomerang distinguishers on the compression function reduced to 32 and 36 rounds are proposed, with complexities 2^{104.5} and 2^{454} respectively. Examples of the distinguishers on 28-round and 31-round are also given. In addition, the boomerang distinguishers are applicable to the key-recovery attacks on reduced Threefish-512. The complexities for key-recovery attacks reduced to 32-/33-/34-round are about 2^{181}, 2^{305} and 2^{424}. Because Laurent et al. [14] pointed out that the previous boomerang distinguishers for Threefish-512 are in fact not compatible, our attacks are the first valid boomerang attacks for the final round Skein-512.

Category / Keywords: secret-key cryptography /

Date: received 29 Apr 2012

Contact author: yuhongbo at mail tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Version: 20120430:154239 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]