Differential Cryptanalysis of Keccak Variants

Stefan Kölbl, Florian Mendel, Tomislav Nad, Martin Schläffer

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

In October 2012, NIST has announced Keccak as the winner of the SHA-3 cryptographic hash function competition. Recently, at CT-RSA 2013, NIST brought up the idea to standardize Keccak variants with different parameters than those submitted to the SHA-3 competition. In particular, NIST considers to reduce the capacity to the output size of the SHA-3 standard and additionally, standardize a Keccak variant with a permutation size of 800 instead of 1600 bits. However, these variants have not been analyzed very well during the SHA-3 competition. Especially for the variant using an 800-bit permutation no analysis on the hash function has been published so far. In this work, we analyze these newly proposed Keccak variants and provide practical collisions for up to 4 rounds for all output sizes by constructing internal collisions. Our attacks are based on standard differential cryptanalysis contrary to the recent attacks by Dinur at al. from FSE 2013. We use a non-linear low probability path for the first two rounds and use methods from coding theory to find a high-probability path for the last two rounds. The low probability path as well as the conforming message pair is found using an automatic differential path search tool. Our results indicate that reducing the capacity slightly improves attacks, while reducing the permutation size degrades attacks on Keccak.
Original languageEnglish
Title of host publicationCryptography and Coding
PublisherSpringer
Pages141-157
ISBN (Print)978-364245238-3
DOIs
Publication statusPublished - 2013
Event14th IMA International Conference on Cryptography and Coding: IMACC 2013 - Oxford, United Kingdom
Duration: 17 Dec 201319 Dec 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer
Number8308 LNCS
ISSN (Electronic)0302-9743

Conference

Conference14th IMA International Conference on Cryptography and Coding
Country/TerritoryUnited Kingdom
CityOxford
Period17/12/1319/12/13

Fields of Expertise

  • Information, Communication & Computing

Fingerprint

Dive into the research topics of 'Differential Cryptanalysis of Keccak Variants'. Together they form a unique fingerprint.
  • SeCoS - Secure Contactless Sphere - Smart RFID-Technologies for a Connected World

    Bösch, W. (Co-Investigator (CoI)), Wenger, E. (Co-Investigator (CoI)), Khan, H. N. (Co-Investigator (CoI)), Schmidt, J.-M. (Co-Investigator (CoI)), Gadringer, M. E. (Co-Investigator (CoI)), Spreitzer, R. C. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Gruss, D. (Co-Investigator (CoI)), Hutter, M. (Co-Investigator (CoI)), Freidl, P. F. (Co-Investigator (CoI)), Görtschacher, L. J. (Co-Investigator (CoI)), Mangard, S. (Co-Investigator (CoI)) & Grosinger, J. (Co-Investigator (CoI))

    1/01/1331/12/15

    Project: Research project

  • FWF - ReSIT - Realizing a Secure Internet of Things

    Hutter, M. (Co-Investigator (CoI)), Wenger, E. (Co-Investigator (CoI)), Schmidt, J.-M. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Mangard, S. (Co-Investigator (CoI)) & Posch, R. (Principal Investigator (PI))

    1/07/1231/12/14

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/9531/01/19

    Project: Research area

Cite this