Cryptology ePrint Archive: Report 2017/1026

Cube Attack against Full Kravatte

Jian Guo and Ling Song

Abstract: This note analyzes the security of Kravatte against the cube attack. We provide an analysis result which recovers the master key of the current version of full Kravatte with data and time complexities $2^{136.01}$, and negligible memory. The same could be applied to the first version of Kravatte with complexities of $2^{38.04}$, which could be carried out in practice. These results are possible thanks to a clever way of constructing affine spaces bypassing the first permutation layer of Kravatte proposed by the designers and a simple yet efficient way to invert the last layer of Sbox in Kravatte.

Category / Keywords: secret-key cryptography / Kravatte, Cube Attack, Keccak

Date: received 16 Oct 2017, last revised 16 Oct 2017

Contact author: guojian at ntu edu sg

Available format(s): PDF | BibTeX Citation

Version: 20171025:025415 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]