Paper 2025/102

A practical distinguisher on the full Skyscraper permutation

Antoine Bak, French Institute for Research in Computer Science and Automation, Direction Générale de l'Armement
Abstract

Skyscraper is a cryptographic permutation published in TCHES 2025, optimized for use in proof systems such as PlonK. This primitive is based on a 10-round Feistel network combining x2 monomials and lookup-based functions to achieve competitive plain performances and efficiency in proof systems supporting lookups. In terms of security, the x2 monomials are supposed to provide security against statistical attacks, while lookups are supposed to provide security against algebraic attacks. In this note, we show that this primitive has a much lower security margin than expected. Using a rebound attack, we find practical truncated differentials on the full permutation. As a corollary, we also find a practical collision attack on the compression function based on a 9-round Skyscraper permutation, which significantly reduces the security margin of the primitive. All of these attacks have been implemented and work in practice.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Skyscrapersplit-and-lookuprebound attackcryptanalysis
Contact author(s)
antoine bak @ inria fr
History
2025-01-23: approved
2025-01-22: received
See all versions
Short URL
https://ia.cr/2025/102
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/102,
      author = {Antoine Bak},
      title = {A practical distinguisher on the full Skyscraper permutation},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/102},
      year = {2025},
      url = {https://eprint.iacr.org/2025/102}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.