A SAT-based preimage analysis of reduced KECCAK hash functions
نویسندگان
چکیده
In this paper, we present a preimage attack on reduced ver sions of Keccak hash functions. We use our recently developed toolkit CryptLogVer for generating CNF (conjunctive normal form) which is passed to the SAT solver PrecoSAT [2]. We found preimages for some reduced versions of the function and showed that full Keccak function is secure against the presented attack.
منابع مشابه
Linear Structures: Applications to Cryptanalysis of Round-Reduced Keccak
In this paper, we analyze the security of round-reduced versions of the Keccak hash function family. Based on the work pioneered by Aumasson and Meier, and Dinur et al., we formalize and develop a technique named linear structure, which allows linearization of the underlying permutation of Keccak for up to 3 rounds with large number of variable spaces. As a direct application, it extends the be...
متن کاملRotational Cryptanalysis of Round-Reduced Keccak
In this paper we attack round-reduced Keccak hash function with a technique called rotational cryptanalysis. We focus on Keccak variants proposed as SHA-3 candidates in the NIST’s contest for a new standard of cryptographic hash function. Our main result is a preimage attack on 4-round Keccak and a 5-round distinguisher on Keccak-f [1600] permutation — the main building block of Keccak hash fun...
متن کاملPreimage attacks on the round-reduced Keccak with the aid of differential cryptanalysis
In this paper we use differential cryptanalysis to attack the winner of the SHA-3 competition, namely Keccak hash function. Despite more than 6 years of intensive cryptanalysis there have been known only two preimage attacks which reach 3 (or slightly more) rounds. Our 3-round preimage attack improves the complexity of those two existing attacks and it is obtained with a different technique. We...
متن کاملCryptanalysis of 1-Round KECCAK
In this paper, we give the first pre-image attack against 1round KECCAK-512 hash function, which works for all variants of 1round KECCAK. The attack gives a preimage of length less than 1024 bits by solving a system of 384 linear equations. We also give a collision attack against 1-round KECCAK using similar analysis.
متن کاملMalicious Keccak
In this paper, we investigate Keccak — the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function, where new round constants are introduced. We show that for such the variant, collision and preimage attacks are possible. We also identify a class of weak keys for the malicious Keccak working in the MAC mode. Ideas presented in the paper were ver...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Inf. Process. Lett.
دوره 113 شماره
صفحات -
تاریخ انتشار 2010