Paper 2017/1026

Cube Attack against Full Kravatte

Jian Guo and Ling Song


This note analyzes the security of Kravatte against the cube attack. We provide an analysis result which recovers the master key of the current version of full Kravatte with data and time complexities $2^{136.01}$, and negligible memory. The same could be applied to the first version of Kravatte with complexities of $2^{38.04}$, which could be carried out in practice. These results are possible thanks to a clever way of constructing affine spaces bypassing the first permutation layer of Kravatte proposed by the designers and a simple yet efficient way to invert the last layer of Sbox in Kravatte.

Note: The note has been merged and published in the paper entitled "Key-Recovery Attacks on Full Kravatte" at ToSC 2018 Issue 1.

Available format(s)
-- withdrawn --
Secret-key cryptography
Publication info
Preprint. MINOR revision.
KravatteCube AttackKeccak
Contact author(s)
guojian @ ntu edu sg
2018-07-24: withdrawn
2017-10-25: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.