Paper 2012/421

Security margin evaluation of SHA-3 contest finalists through SAT-based attacks

Ekawat Homsirikamol, Pawel Morawiecki, Marcin Rogawski, and Marian Srebrny

Abstract

In 2007, the U.S. National Institute of Standards and Technology (NIST) announced a public contest aiming at the selection of a new standard for a cryptographic hash function. In this paper, the security margin of five SHA-3 finalists is evaluated with an assumption that attacks launched on finalists should be practically verified. A method of attacks applied is called logical cryptanalysis where the original task is expressed as a SATisfiability problem instance. A new toolkit is used to simplify the most arduous stages of this type of cryptanalysis and helps to mount the attacks in a uniform way. In the context of SAT-based attacks, it has been shown that all the finalists have substantially bigger security margin than the current standards SHA-256 and SHA-1. Two other metrics, software performance and hardware efficiency are combined with security results to provide a more comprehensive picture of the SHA-3 finalists.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. It is an extended version of the paper presented at CISIM '12 Conference and published in LNCS, Volume 7564
Keywords
SHA-3 competitionalgebraic cryptanalysislogical cryptanalysisSATisfiability solvers
Contact author(s)
pawelm @ wsh-kielce edu pl
History
2012-08-02: received
Short URL
https://ia.cr/2012/421
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/421,
      author = {Ekawat Homsirikamol and Pawel Morawiecki and Marcin Rogawski and Marian Srebrny},
      title = {Security margin evaluation of SHA-3 contest finalists through SAT-based attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2012/421},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/421}},
      url = {https://eprint.iacr.org/2012/421}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.