Paper 2023/036
Differential analysis of the ternary hash function Troika
Abstract
Troika is a sponge-based hash function designed by Kölbl, Tischhauser, Bogdanov and Derbez in 2019. Its specificity is that it is defined over $\mathbb{F}_3$ in order to be used inside IOTA’s distributed ledger but could also serve in all settings requiring the generation of ternary randomness. To be used in practice, Troika needs to be proven secure against state-of-the-art cryptanalysis. However, there are today almost no analysis tools for ternary designs. In this article we take a step in this direction by analyzing the propagation of differential trails of Troika and by providing bounds on the weight of its trails. For this, we adapt a well-known framework for trail search designed for KECCAK and provide new advanced techniques to handle the search on $\mathbb{F}_3$. Our work demonstrates that providing analysis tools for non-binary designs is a highly non-trivial research direction that needs to be enhanced in order to better understand the real security offered by such non-conventional primitives.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. SAC 2022
- Keywords
- differential cryptanalysisTroikaternary design
- Contact author(s)
-
christina boura @ uvsq fr
margot funk @ uvsq fr
yann rotella @ uvsq fr - History
- 2023-01-19: approved
- 2023-01-11: received
- See all versions
- Short URL
- https://ia.cr/2023/036
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/036,
author = {Christina Boura and Margot Funk and Yann Rotella},
title = {Differential analysis of the ternary hash function Troika},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/036},
year = {2023},
url = {https://eprint.iacr.org/2023/036}
}
