Paper 2018/059

New Insights into Divide-and-Conquer Attacks on the Round-Reduced Keccak-MAC

Chen-Dong Ye and Tian Tian


Keccak is the final winner of SHA-3 competition and it can be used as message authentic codes as well. The basic and balanced divide-and-conquer attacks on Keccak-MAC were proposed by Dinur et al. at Eurocrypt 2015. The idea of cube attacks is used in the two attacks to divide key bits into small portions. In this paper, by carefully analysing the mappings used in Keccak-MAC, it is found that some cube variables could divide key bits into smaller portions and so better divide-and-conquer attacks are obtained. Furthermore, in order to evaluate the resistance of Keccak-MAC against divide-and-conquer attacks based on cubes, we theoretically analyse the lower bounds of the complexities of divide-and-conquer attacks. It is shown that the lower bounds of the complexities are still not better than those of the conditional cube tester proposed by Senyang Huang et al.. This indicates that Keccak-MAC can resist the divide-and-conquer attack better than the conditional cube tester. We hope that these techniques still could provide some new insights on the future cryptanalysis of Keccak.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keccak-MACDivide-and-Conquer AttacksCube Attacks
Contact author(s)
ye_chendong @ 126 com
2018-01-16: received
Short URL
Creative Commons Attribution


      author = {Chen-Dong Ye and Tian Tian},
      title = {New Insights into Divide-and-Conquer Attacks on the Round-Reduced Keccak-MAC},
      howpublished = {Cryptology ePrint Archive, Paper 2018/059},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.