Collision Attacks on Round-Reduced SHA-3 Using Conditional Internal Differentials

The KECCAK hash function was selected by NIST as the winner of $$\texttt {SHA-3}$$ competition in 2012 and became standard 2015. On account ’s importance theory applications, analysis its security has attracted increasing attention. In family, {SHA3-512}$$ shows strongest resistance against collision attacks: theoretical attacks only extend to four rounds solving polynomial systems with 64 times faster than birthday attack. Yet for instance SHAKE256 there are no results on that we aware literatures. this paper, study round-reduced . Inspired work Dinur, Dunkelman Shamir 2013, propose a variant attack improve internal differential cryptanalysis abstracting new concepts such transition conditions difference table. With help these techniques, develop using conditional differentials. More exactly, initial messages constrained linear pass through first two differential, their corresponding inputs entering last divided into different subsets search according values conditions. Together an improved target algorithm (TIDA), up 5 all six functions obtained. particular, 4-round 5-round {SHAKE256}$$ achieved complexity $$2^{237}$$ $$2^{185}$$ respectively. As far know, is best reduced , it