Paper 2022/977

Allocating Rotational Cryptanalysis based Preimage Attack on 4-round Keccak-224 for Quantum Setting

Runsong Wang, School of Mathematics and Statistics, Xidian University
Xuelian Li, School of Mathematics and Statistics, Xidian University
Juntao Gao, School of Telecommunication and Engineering, Xidian University
Hui Li, School of Mathematics and Statistics, Xidian University
Baocang Wang, School of Telecommunication and Engineering, Xidian University
Abstract

In this paper, we aim to present a quantum setting oriented preimage attack against 4-round Keccak-224. An important technique we called the allocating rotational cryptanalysis takes the preimage attack into the situation of 2-block preimage recovery. With the conditions on the middle state proposed by Li et al., we use the generic quantum preimage attack to deal with the finding of first preimage block. By using the newly explored propagation of rotational relations, we significantly increase the number of eigenpoints at the end of 4-round modified Keccak-f from 0 to 32, and therefore improving the accuracy of determining the rotational number for a certain rotational counterpart in the quantum setting by more than 10 orders of magnitude. On the basis of the above, we design an efficient unitary oracle operator with only twice calling of the 4-round modified Keccak-f, which costs half of previous results, to mark a rotational counterpart of the second preimage block in order that the second preimage block can be found indirectly from a quickly generated specified search space. As a result on the 4-round Keccak-224: In the classical setting, the preimage attack with the complexity decreased to 2^218 is better than the result based on the pioneered rotational cryptanalysis. In the quantum setting, the amplitude amplification driven preimage attack with a complexity of 2^110 is by far the best dedicated quantum preimage attack. Additionally, the SKW algorithm is applied to the dedicated quantum preimage attack against the 4-round Keccak-224 for the first time, which is exponentially easier to implement in quantum circuit than the former, with a complexity of 2^111.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Keccak Rotational Cryptanalysis Linearization of Keccak-f Preimage Attack Amplitude Amplification SKW Algorithm
Contact author(s)
wangrs12 @ stu xidian edu cn
xuelian202 @ 163 com
jtgao @ mail xidian edu cn
hui0921 @ stu xidian edu cn
bcwang @ xidian edu cn
History
2022-08-03: approved
2022-07-30: received
See all versions
Short URL
https://ia.cr/2022/977
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/977,
      author = {Runsong Wang and Xuelian Li and Juntao Gao and Hui Li and Baocang Wang},
      title = {Allocating Rotational Cryptanalysis based Preimage Attack on 4-round Keccak-224 for Quantum Setting},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/977},
      year = {2022},
      url = {https://eprint.iacr.org/2022/977}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.