Paper 2014/736

Cube Attacks and Cube-attack-like Cryptanalysis on the Round-reduced Keccak Sponge Function

Itai Dinur, Pawel Morawiecki, Josef Pieprzyk, Marian Srebrny, and Michal Straus

Abstract

In this paper, we comprehensively study the resistance of keyed variants of SHA-3 (Keccak) against algebraic attacks. This analysis covers a wide range of key recovery, MAC forgery and other types of attacks, breaking up to 9 rounds (out of the full 24) of the Keccak internal permutation much faster than exhaustive search. Moreover, some of our attacks on the 6-round Keccak are completely practical and were verified on a desktop PC. Our methods combine cube attacks (an algebraic key recovery attack) and related algebraic techniques with structural analysis of the Keccak permutation. These techniques should be useful in future cryptanalysis of Keccak and similar designs. Although our attacks break more rounds than previously published techniques, the security margin of Keccak remains large. For Keyak -- a Keccak-based authenticated encryption scheme -- the nominal number of rounds is 12 and therefore its security margin is smaller (although still sufficient).

Note: Authors and affiliations added

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
KeccakSHA-3sponge functioncube attack
Contact author(s)
pawel morawiecki @ gmail com
History
2014-09-20: revised
2014-09-19: received
See all versions
Short URL
https://ia.cr/2014/736
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/736,
      author = {Itai Dinur and Pawel Morawiecki and Josef Pieprzyk and Marian Srebrny and Michal Straus},
      title = {Cube Attacks and Cube-attack-like Cryptanalysis on the Round-reduced Keccak Sponge Function},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/736},
      year = {2014},
      url = {https://eprint.iacr.org/2014/736}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.