Paper 2017/1211

Zero-Sum Partitions of PHOTON Permutations

Qingju Wang, Lorenzo Grassi, and Christian Rechberger

Abstract

We describe an approach to zero-sum partitions using Todo’s division property at EUROCRYPT 2015. It follows the inside-out methodology, and includes MILP-assisted search for the forward and backward trails, and subspace approach to connect those two trails that is less restrictive than commonly done. As an application we choose PHOTON, a family of sponge-like hash function proposals that was recently standardized by ISO. With respect to the security claims made by the designers, we for the first time show zero-sum partitions for almost all of those full 12-round permutation variants that use a 4-bit S-Box. As with essentially any other zero-sum property in the literature, also here the gap between a generic attack and the shortcut is small.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. CT-RSA 2018
Keywords
PHOTONIntegralDivision PropertyZero-sumMILPSubspace
Contact author(s)
lorenzo grassi @ iaik tugraz at
History
2018-03-07: revised
2017-12-18: received
See all versions
Short URL
https://ia.cr/2017/1211
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2017/1211,
      author = {Qingju Wang and Lorenzo Grassi and Christian Rechberger},
      title = {Zero-Sum Partitions of {PHOTON} Permutations},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/1211},
      year = {2017},
      url = {https://eprint.iacr.org/2017/1211}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.