Paper 2022/731
Triangulating Rebound Attack on AES-like Hashing
Abstract
The rebound attack was introduced by Mendel et al. at FSE 2009 to fulfill a heavy middle round of a differential path for free, utilizing the degree of freedom from states. The inbound phase was extended to 2 rounds by the Super-Sbox technique invented by Lamberger et al. at ASIACRYPT 2009 and Gilbert and Peyrin at FSE 2010. In ASIACRYPT 2010, Sasaki et al. further reduced the requirement of memory by introducing the non-full-active Super-Sbox. In this paper, we further develop this line of research by introducing Super-Inbound, which is able to connect multiple 1-round or 2-round (non-full-active) Super-Sbox inbound phases by utilizing fully the degrees of freedom from both states and key, yet without the use of large memory. This essentially extends the inbound phase by up to 3 rounds. We applied this technique to find classic or quantum collisions on several AES-like hash functions, and improved the attacked round number by 1 to 5 in targets including AES-128 and SKINNY hashing modes, Saturnin-Hash, and Grostl-512. To demonstrate the correctness of our attacks, the semi-free-start collision on 6-round AES-128-MMO/MP with estimated time complexity $2^{24}$ in classical setting was implemented and an example pair was found instantly on a standard PC.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- A major revision of an IACR publication in CRYPTO 2022
- Keywords
- Triangulating Rebound Quantum Computation Collision Attacks Rebound Attacks Triangulation Algorithm Super-Inbound
- Contact author(s)
-
xiaoyangdong @ tsinghua edu cn
guojian @ ntu edu sg
shun li @ ntu edu sg
pham0079 @ e ntu edu sg - History
- 2022-06-09: revised
- 2022-06-08: received
- See all versions
- Short URL
- https://ia.cr/2022/731
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/731, author = {Xiaoyang Dong and Jian Guo and Shun Li and Phuong Pham}, title = {Triangulating Rebound Attack on {AES}-like Hashing}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/731}, year = {2022}, url = {https://eprint.iacr.org/2022/731} }