Cryptanalysis of 1-Round KECCAK
Conference paper
First Online:
Abstract
In this paper, we give the first pre-image attack against 1-round KECCAK-512 hash function, which works for all variants of 1-round KECCAK. The attack gives a preimage of length less than 1024 bits by solving a system of 384 linear equations. We also give a collision attack against 1-round KECCAK using similar analysis.
Keywords
Cryptanalysis KECCAK SHA-3 Preimage CollisionReferences
- 1.Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak specifications. Submission to NIST (Round 2) (2009)Google Scholar
- 2.Dworkin, M.J.: SHA-3 standard: permutation-based hash and extendable-output functions. Federal Information Processing Standard (NIST FIPS)-202 (2015)Google Scholar
- 3.Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Cryptographic sponges (2011). http://sponge.noekeon.org
- 4.Bernstein, D.J.: Second preimages for 6 (7?(8??)) rounds of Keccak. NIST mailing list (2010)Google Scholar
- 5.Chang, D., Kumar, A., Morawiecki, P., Sanadhya, S.K.: 1st and 2nd preimage attacks on 7, 8 and 9 rounds of Keccak-224, 256, 384, 512. In: SHA-3 Workshop, August 2014Google Scholar
- 6.Morawiecki, P., Pieprzyk, J., Srebrny, M.: Rotational cryptanalysis of round-reduced Keccak. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 241–262. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_13Google Scholar
- 7.Morawiecki, P., Srebrny, M.: A sat-based preimage analysis of reduced Keccak hash functions. Inf. Process. Lett. 113(10–11), 392–397 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
- 8.Naya-Plasencia, M., Röck, A., Meier, W.: Practical analysis of reduced-round Keccak. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 236–254. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25578-6_18CrossRefGoogle Scholar
- 9.Guo, J., Liu, M., Song, L.: Linear structures: applications to cryptanalysis of round-reduced Keccak. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 249–274. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53887-6_9CrossRefGoogle Scholar
- 10.Dinur, I., Dunkelman, O., Shamir, A.: New attacks on Keccak-224 and Keccak-256. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 442–461. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34047-5_25CrossRefGoogle Scholar
- 11.Dinur, I., Dunkelman, O., Shamir, A.: Improved practical attacks on round-reduced Keccak. J. Cryptol. 27(2), 183–209 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
- 12.Dinur, I., Dunkelman, O., Shamir, A.: Collision attacks on up to 5 rounds of SHA-3 using generalized internal differentials. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 219–240. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_12Google Scholar
- 13.Qiao, K., Song, L., Liu, M., Guo, J.: New collision attacks on round-reduced Keccak. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 216–243. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_8CrossRefGoogle Scholar
- 14.Song, L., Liao, G., Guo, J.: Non-full sbox linearization: applications to collision attacks on round-reduced Keccak. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 428–451. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_15CrossRefGoogle Scholar
- 15.Bertoni, G., Daemen, J., Peeters, M., Assche, G.: The Keccak reference (2011). http://keccak.noekeon.org/keccak-reference-3.0.pdf
- 16.Shoup, V.: NTL: a library for doing number theory (2001). www.shoup.net/ntl/
Copyright information
© Springer International Publishing AG, part of Springer Nature 2018