Synthetic Linear Analysis: Improved Attacks on CubeHash and Rabbit
It has been considered most important and difficult to analyze the bias and find a large bias regarding the security of crypto-systems, since the invention of linear cryptanalysis. The demonstration of a large bias will usually imply that the target crypto-system is not strong. Regarding the bias analysis, researchers often focus on a theoretical solution for a specific problem. In this paper, we take a first step towards the synthetic approach on bias analysis. We successfully apply our synthetic analysis to improve the most recent linear attacks on CubeHash and Rabbit respectively. CubeHash was selected to the second round of SHA-3 competition. For CubeHash, the best linear attack on 11-round CubeHash with 2470 queries was proposed previously. We present an improved attack for 11-round CubeHash with complexity 2414.2. Based on our 11-round attack, we give a new linear attack for 12-round CubeHash with complexity 2513, which is sharply close to the security parameter 2512 of CubeHash. Rabbit is a stream cipher among the finalists of ECRYPT Stream Cipher Project (eSTREAM). For Rabbit, the best linear attack with complexity 2141 was recently presented. Our synthetic bias analysis yields the improved attack with complexity 2136. Moreover, it seems that our results might be further improved, according to our ongoing computations.
Keywordsbias linear cryptanalysis synthetic analysis conditional dependence CubeHash Rabbit
Unable to display preview. Download preview PDF.
- 2.Bernstein, D.J.: CubeHash specification (2.B.1). Submission to NIST (2009)Google Scholar
- 3.Boesgaard, M., Vesterager, M., Christensen, T., Zenner, E.: The stream cipher Rabbit. In: The ECRYPT Stream Cipher Project, http://www.ecrypt.eu.org/stream/
- 6.Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar
- 7.Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC (1996)Google Scholar
- 8.N.I.S.T., Cryptographic hash algorithm competition, http://www.nist.gov/hash-competition