Rebound Attack on the Full LANE Compression Function

Krystian Matusiewicz, Maria Naya-Plasencia, Nikolic Ivica, Yu Sasaki, Martin Schläffer

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

In this work, we apply the rebound attack to the AES based SHA-3 candidate Lane. The hash function Lane uses a permutation based compression function, consisting of a linear message expansion and 6 parallel lanes. In the rebound attack on Lane, we apply several new techniques to construct a collision for the full compression function of Lane-256 and Lane-512. Using a relatively sparse truncated differential path, we are able to solve for a valid message expansion and colliding lanes independently. Additionally, we are able to apply the inbound phase more than once by exploiting the degrees of freedom in the parallel AES states. This allows us to construct semi-free-start collisions for full Lane-256 with $2^{96}$ compression function evaluations and $2^{88}$ memory, and for full Lane-512 with $2^{224}$ compression function evaluations and $2^{128}$ memory.
Original language: English
Title of host publication: Advances in Cryptology – ASIACRYPT 2009
Place of Publication: Berlin; Heidelberg
Publisher: Springer
Pages: 106-125
ISBN (Print): 978-3-642-10365-0
Publication status: Published - 2009
Event: 15th International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2009 - Tokyo, Japan
Duration: 6 Dec 2009 to 10 Dec 2009

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer
Volume: 5912

Conference

Conference: 15th International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated title: ASIACRYPT 2009
Country/Territory: Japan
City: Tokyo
Period: 6/12/09 to 10/12/09

Fields of Expertise

  • Information, Communication & Computing

  • EU - ECRYPT II - European network of excellence in cryptology - Phase II

    Schmidt, J.-M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Kirschbaum, M. (Co-Investigator (CoI)), Feldhofer, M. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Aigner, M. J. (Co-Investigator (CoI)), Rechberger, C. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Tillich, S. (Co-Investigator (CoI)), Medwed, M. (Co-Investigator (CoI)), Hutter, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)) & Posch, R. (Principal Investigator (PI))

    1/08/08 to 31/01/13

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/95 to 31/01/19

    Project: Research area