
2015 | Original Paper | Book Chapter

Internal Differential Boomerangs: Practical Analysis of the Round-Reduced Keccak-\(f\) Permutation

Authors: Jérémy Jean, Ivica Nikolić

Published in: Fast Software Encryption

Publisher: Springer Berlin Heidelberg


Abstract

We introduce the internal differential boomerang distinguisher as a combination of internal differentials and classical boomerang distinguishers. The new boomerangs can be successful against cryptographic primitives that have high-probability round-reduced internal differential characteristics. The internal differential technique, which follows the evolution of differences between parts of the state, is particularly meaningful for highly symmetric functions like the inner permutation Keccak-\(f\) of the hash functions defined in the future SHA-3 standard. We find internal differential and standard characteristics for three to four rounds of Keccak-\(f\), and with the use of the new technique, enhanced with a strong message modification, show practical distinguishers for this permutation. Namely, we need \(2^{12}\) queries to distinguish 7 rounds of the permutation starting from the first round, and approximately \(2^{18}\) queries to distinguish 8 rounds starting from the fourth round. Due to the exceptionally low complexities, all of our results have been completely verified with a computer implementation of the analysis.


Footnotes

1. Note that while the draft FIPS 202 [30] defines the r-round-reduced versions of Keccak-\(f\) as the last r rounds of Keccak-\(f\), this paper allows the reduced permutation to start at any round number.

2. The boomerang attack is closely related to higher-order differential techniques [20, 23].

3. In a random permutation, the boomerang will return \(P_2\) with internal difference \(\varDelta \) with probability \(2^{-n/2}\).

4. A related subspace problem has been discussed in [24].

5. That is, we use the subspace to claim a distinguisher for the permutation. This is in line with our initial intention to show that the round-reduced permutation exhibits non-random properties.

6. This only confirms the fact that for boomerangs (both classical and internal differential), finding the two characteristics for f and g does not guarantee that the boomerang will work; see [28] for more details.

7. This is the reason why we have omitted specifying the differences at the output of the internal characteristics from Sect. 4.1, and at the input of the standard characteristics from Sect. 4.2.

8. The internal characteristic cannot be changed, as its difference propagation is completely defined by the round constants \(RC_i\). On the other hand, there are many different standard characteristics (built upon parity kernels) that hold with the same probability.

9. The cost of the message modification can be ignored because it is executed once but can be used to produce many boomerang pairs, so on average it is negligible. The actual cost is around \(2^{8}\).
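The abstract describes internal differentials as differences between parts of the Keccak-\(f\) state, and footnote 8 notes that the propagation of an internal characteristic is fixed by the round constants \(RC_i\). The following Python is an added illustration and is not code from the paper or from the Keccak team. It implements a compact Keccak-f[1600] whose round window can start at any round index (footnote 1), with the round constants derived from the FIPS 202 LFSR, and defines an internal difference as the XOR of the two 32-bit halves of every lane, which is zero exactly for states that are invariant under rotation by 32 along the lane axis. It shows that \(\theta\), \(\rho\), \(\pi\) and \(\chi\) preserve that symmetry, that from any symmetric input the internal difference after the first round is exactly the half-difference of the round constant in lane (0,0), and that \(\chi\) then spreads it over further rounds. The halves-of-a-lane symmetry is one concrete instance chosen for illustration; the paper's own characteristics are not reproduced, and the seeded pseudo-random input is constructed.

```python
import random

# Added illustration, not code from the paper or from the Keccak team: a compact
# Keccak-f[1600] and an "internal difference" between the two halves of each lane.

MASK64 = (1 << 64) - 1
MASK32 = (1 << 32) - 1

# rho rotation offsets, indexed ROT[x][y]
ROT = [[0, 36, 3, 41, 18],
       [1, 44, 10, 45, 2],
       [62, 6, 43, 15, 61],
       [28, 55, 25, 21, 56],
       [27, 20, 39, 8, 14]]

def _rc_bit(t):
    """Output bit of the FIPS 202 round-constant LFSR (x^8 + x^6 + x^5 + x^4 + 1)."""
    r = 1
    for _ in range(t % 255):
        r = (r << 1) ^ (0x171 if r & 0x80 else 0)
    return r & 1

def round_constant(i):
    """RC_i for round index i: bit 2^j - 1 is rc(j + 7i) for j = 0..6."""
    rc = 0
    for j in range(7):
        rc |= _rc_bit(j + 7 * i) << ((1 << j) - 1)
    return rc

RC = [round_constant(i) for i in range(24)]

def rotl(v, n):
    """Rotate a 64-bit lane left by n bits."""
    n %= 64
    return v if n == 0 else ((v << n) | (v >> (64 - n))) & MASK64

def keccak_round(A, rc, with_iota=True):
    """One round (theta, rho, pi, chi, iota) on a 5x5 lane array A[x][y]."""
    # theta: every lane absorbs the parities of two neighbouring columns
    C = [A[x][0] ^ A[x][1] ^ A[x][2] ^ A[x][3] ^ A[x][4] for x in range(5)]
    D = [C[(x - 1) % 5] ^ rotl(C[(x + 1) % 5], 1) for x in range(5)]
    A = [[A[x][y] ^ D[x] for y in range(5)] for x in range(5)]
    # rho (lane rotations) fused with pi (lane permutation)
    B = [[0] * 5 for _ in range(5)]
    for x in range(5):
        for y in range(5):
            B[y][(2 * x + 3 * y) % 5] = rotl(A[x][y], ROT[x][y])
    # chi: the only non-linear step, applied row by row
    A = [[B[x][y] ^ (~B[(x + 1) % 5][y] & MASK64 & B[(x + 2) % 5][y])
          for y in range(5)] for x in range(5)]
    # iota: the only step that is not invariant under translation along z
    if with_iota:
        A[0][0] ^= rc
    return A

def keccak_f(A, nrounds=24, start=0, with_iota=True):
    """nrounds rounds starting at round index start (cf. footnote 1)."""
    for i in range(start, start + nrounds):
        A = keccak_round(A, RC[i], with_iota)
    return A

def internal_difference(A):
    """XOR of the low and high halves of each lane: all zero exactly when the
    state is invariant under rotation by 32 along z."""
    return [[(A[x][y] & MASK32) ^ (A[x][y] >> 32) for y in range(5)]
            for x in range(5)]

def difference_weight(A):
    """Hamming weight of the internal difference."""
    return sum(bin(d).count("1") for col in internal_difference(A) for d in col)

def symmetric_state(seed):
    """Constructed input: pseudo-random 32-bit halves, each duplicated into a lane."""
    rng = random.Random(seed)
    halves = [[rng.getrandbits(32) for _ in range(5)] for _ in range(5)]
    return [[h | (h << 32) for h in col] for col in halves]

def first_round_difference(seed, start=0):
    """Internal difference after one round from a symmetric state, together with
    the value it must take in lane (0,0): the half-difference of RC_start."""
    diff = internal_difference(keccak_f(symmetric_state(seed), 1, start))
    expected = (RC[start] & MASK32) ^ (RC[start] >> 32)
    return diff, expected

def demo(seed=1):
    """Weights: symmetric input, three rounds without iota, three rounds with iota."""
    A = symmetric_state(seed)
    return (difference_weight(A),
            difference_weight(keccak_f(A, 3, with_iota=False)),
            difference_weight(keccak_f(A, 3)))

if __name__ == "__main__":
    d, e = first_round_difference(1)
    print("lane (0,0) difference after round 0:", hex(d[0][0]), "expected:", hex(e))
    print("weights (input, 3 rounds without iota, 3 rounds):", demo(1))
```

Running the script shows the three regimes side by side: the symmetric input has weight 0, three rounds without \(\iota\) keep it at 0, and with \(\iota\) the difference introduced by \(RC_0\) (a single bit for round index 0) grows to a dense difference within a few rounds. Because the first-round difference does not depend on the input, the same holds for any other starting round, which is the sense in which the early part of an internal characteristic is dictated by the round constants.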
 
References

1. Aumasson, J.P., Meier, W.: Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi. Rump session of Cryptographic Hardware and Embedded Systems, CHES 2009, 67 (2009)
2. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Cryptographic sponge functions (online)
3. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak reference (Version 3)
4. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V., Keer, R.V.: Ketje v1. Submitted to the CAESAR competition, March 2014
5. Bertoni, G., Daemen, J., Peeters, M., Assche, G.V., Keer, R.V.: Keyak v1. Submitted to the CAESAR competition, March 2014
6. Biham, E., Chen, R.: Near-collisions of SHA-0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 290–305. Springer, Heidelberg (2004)
7. Biryukov, A., Lamberger, M., Mendel, F., Nikolić, I.: Second-order differential collisions for reduced SHA-256. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 270–287. Springer, Heidelberg (2011)
8. Biryukov, A., Nikolić, I., Roy, A.: Boomerang attacks on BLAKE-32. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 218–237. Springer, Heidelberg (2011)
9. Boura, C., Canteaut, A.: Zero-sum distinguishers for iterated permutations and application to Keccak-f and Hamsi-256. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 1–17. Springer, Heidelberg (2011)
10. Boura, C., Canteaut, A., De Cannière, C.: Higher-order differential properties of Keccak and Luffa. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 252–269. Springer, Heidelberg (2011)
11. Canteaut, A. (ed.): FSE 2012. LNCS, vol. 7549. Springer, Heidelberg (2012)
12. Das, S., Meier, W.: Differential biases in reduced-round Keccak. In: [33], pp. 69–87
13. Dinur, I., Dunkelman, O., Shamir, A.: New attacks on Keccak-224 and Keccak-256. In: [11], pp. 442–461
14. Dinur, I., Dunkelman, O., Shamir, A.: Collision attacks on up to 5 rounds of SHA-3 using generalized internal differentials. In: [27], pp. 219–240
15. Dinur, I., Dunkelman, O., Shamir, A.: Improved practical attacks on round-reduced Keccak. J. Cryptology 27(2), 183–209 (2014)
16. Dinur, I., Morawiecki, P., Pieprzyk, J., Srebrny, M., Straus, M.: Practical complexity cube attacks on round-reduced Keccak sponge function. IACR Cryptology ePrint Archive 2014, 259 (2014)
17. Duc, A., Guo, J., Peyrin, T., Wei, L.: Unaligned rebound attack: application to Keccak. In: [11], pp. 402–421
18. Jean, J., Nikolic, I.: Internal differential boomerangs: practical analysis of the round-reduced Keccak-f permutation. Cryptology ePrint Archive, Report 2015/244 (2015)
19. Kelsey, J., Kohno, T., Schneier, B.: Amplified boomerang attacks against reduced-round MARS and Serpent. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 75–93. Springer, Heidelberg (2001)
20. Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)
21. Kölbl, S., Mendel, F., Nad, T., Schläffer, M.: Differential cryptanalysis of Keccak variants. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 141–157. Springer, Heidelberg (2013)
22. Kuila, S., Saha, D., Pal, M., Chowdhury, D.R.: Practical distinguishers against 6-round Keccak-f exploiting self-symmetry. In: [33], pp. 88–108
23. Lai, X.: Higher order derivatives and differential cryptanalysis. In: Blahut, R.E., Costello Jr., D.J., Maurer, U., Mittelholzer, T. (eds.) Communications and Cryptography, pp. 227–233. Springer, New York (1994)
24. Lamberger, M., Mendel, F., Schläffer, M., Rechberger, C., Rijmen, V.: The rebound attack and subspace distinguishers: application to Whirlpool. J. Cryptology 28, 1–40 (2013)
25. Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: The rebound attack: cryptanalysis of reduced Whirlpool and Grøstl. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260–276. Springer, Heidelberg (2009)
26. Morawiecki, P., Pieprzyk, J., Srebrny, M.: Rotational cryptanalysis of round-reduced Keccak. In: [27], pp. 241–262
27. Moriai, S. (ed.): FSE 2013. LNCS, vol. 8424. Springer, Heidelberg (2014)
28. Murphy, S.: The return of the cryptographic boomerang. IEEE Trans. Inf. Theory 57(4), 2517–2521 (2011)
30. National Institute of Standards and Technology: Draft FIPS 202: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
31. Naya-Plasencia, M., Röck, A., Meier, W.: Practical analysis of reduced-round Keccak. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 236–254. Springer, Heidelberg (2011)
32. Peyrin, T.: Improved differential attacks for ECHO and Grøstl. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 370–392. Springer, Heidelberg (2010)
33. Pointcheval, D., Vergnaud, D. (eds.): AFRICACRYPT. LNCS, vol. 8469. Springer, Heidelberg (2014)
34. Wagner, D.: The boomerang attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999)
Metadata

Title: Internal Differential Boomerangs: Practical Analysis of the Round-Reduced Keccak-\(f\) Permutation
Authors: Jérémy Jean, Ivica Nikolić
Copyright year: 2015
Publisher: Springer Berlin Heidelberg
DOI: https://doi.org/10.1007/978-3-662-48116-5_26
