Cryptology ePrint Archive: Report 2019/951

Collisions on Feistel-MiMC and univariate GMiMC

Xavier Bonnetain

Abstract: MiMC and GMiMC are families of MPC-friendly block ciphers and hash functions. In this note, we show that the block ciphers MiMC-$2n/n$ (or Feistel-MiMC) and univariate GMiMC are vulnerable to an attack which allows a key recovery in $2^{n/2}$ operations. This attack, which is reminiscent of a slide attack, only relies on their weak key schedules, and is independent of the round function ($x^3$ here) and the number of rounds.
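The slide-style key recovery the abstract describes, worked through on a toy instance as an added example; this is not code from the note or from the MiMC designers. The cipher follows the public MiMC-2n/n design (a Feistel network whose round function is (x + k + c_i)^3 with the same key k added in every round); the field size p = 8219, the round constants, the round count and the demo key are assumptions chosen so the whole attack finishes instantly. The attack mechanics are a reconstruction of the kind of attack the abstract describes, and the procedure in the note itself may differ: because every round adds the same k, shifting both branches by k commutes with the whole cipher, so E_k(x) = E_0(x + (k,k)) - (k,k); restricting to plaintexts of the form (a, a) turns this into G(a) = H(a + k) for a keyed function G (one query per value) and a public function H (computed offline), and a collision between about sqrt(p) values of each yields k. Nothing in the argument uses the cube or the number of rounds, which is why the cost stays at 2^{n/2}.

```python
"""Toy Feistel-MiMC over F_p and a slide-style key recovery on it.

Added example; not code from ePrint 2019/951 or from the MiMC designers.
Cipher structure follows the public MiMC-2n/n design; the prime P and the
round constants are constructed here so the attack finishes instantly.
"""
import random
from math import isqrt

P = 8219       # assumed toy prime; gcd(3, P - 1) = 1, so x -> x^3 is a bijection
ROUNDS = 20    # arbitrary; the attack does not depend on this value


def make_constants(rounds, seed=2019):
    """Public round constants c_i (constructed pseudo-randomly for the demo)."""
    rng = random.Random(seed)
    return [rng.randrange(P) for _ in range(rounds)]


CONSTANTS = make_constants(ROUNDS)


def feistel_mimc_encrypt(key, block):
    """MiMC-2n/n round: (L, R) -> (R, L + (R + k + c_i)^3 mod P).

    The key enters only as the same additive k in every round; that trivial
    key schedule is all the attack needs.
    """
    left, right = block
    for c in CONSTANTS:
        left, right = right, (left + pow((right + key + c) % P, 3, P)) % P
    return left, right


def shift(block, delta):
    """Add the same field element to both branches."""
    return tuple((x + delta) % P for x in block)


def key_shift_identity_holds(key, block):
    """Check E_k(x) == E_0(x + (k,k)) - (k,k).

    Adding k to both branches commutes with a round: the branch that is copied
    stays shifted by k, and the branch entering the cube already carries the
    k the keyed cipher would add. This holds for any round function applied
    this way and for any number of rounds.
    """
    unkeyed = feistel_mimc_encrypt(0, shift(block, key))
    return feistel_mimc_encrypt(key, block) == shift(unkeyed, -key)


def g_online(oracle, a):
    """G(a) = E_k((a,a)) - (a,a): one chosen-plaintext query to the keyed cipher."""
    return shift(oracle((a, a)), -a)


def h_offline(b):
    """H(b) = E_0((b,b)) - (b,b): evaluated offline, no key involved."""
    return shift(feistel_mimc_encrypt(0, (b, b)), -b)


def recover_key(oracle, verify_block):
    """Recover k from the collision G(a) = H(a + k).

    Baby-step/giant-step layout: online a in [0, m), offline b = j*m for
    j in [0, m], m = ceil(sqrt(P)). Every k in [0, P) is some j*m - a, so one
    pair collides deterministically after ~sqrt(P) queries plus ~sqrt(P)
    offline evaluations, i.e. 2^{n/2} work for an n-bit key.
    """
    m = isqrt(P) + 1
    table = {}
    for a in range(m):
        table.setdefault(g_online(oracle, a), []).append(a)
    expected = oracle(verify_block)          # one spare pair to confirm k
    for j in range(m + 1):
        b = (j * m) % P
        for a in table.get(h_offline(b), ()):
            candidate = (b - a) % P
            # G and H output 2n bits, so an accidental collision among ~P
            # (a, b) pairs has probability ~1/P; the spare pair discards it.
            if feistel_mimc_encrypt(candidate, verify_block) == expected:
                return candidate
    return None


def demo(secret_key=6173, seed=7):
    """Attacker only sees `oracle`; returns the key it recovers."""
    rng = random.Random(seed)
    oracle = lambda block: feistel_mimc_encrypt(secret_key, block)
    verify_block = (rng.randrange(P), rng.randrange(P))
    return recover_key(oracle, verify_block)


if __name__ == "__main__":
    print("recovered key:", demo())      # 6173
```

The attacker side of `recover_key` touches the keyed cipher only through `oracle`, and `key_shift_identity_holds` is the whole security argument in one line: change `ROUNDS` or replace the cube by any other map applied to the shifted branch and both the identity and the recovery keep working, which is the round-function and round-count independence the abstract points out. The single spare plaintext/ciphertext pair is what a practitioner should insist on, since a chance collision between G and H would otherwise be reported as the key.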

Category / Keywords: secret-key cryptography / MiMC, MPC, symmetric cryptanalysis

Date: received 21 Aug 2019

Contact author: xavier bonnetain at inria fr

Available format(s): PDF | BibTeX Citation

Version: 20190821:214633 (All versions of this report)

Short URL: ia.cr/2019/951

