Malicious Keccak
نویسنده
چکیده
In this paper, we investigate Keccak — the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function, where new round constants are introduced. We show that for such the variant, collision and preimage attacks are possible. We also identify a class of weak keys for the malicious Keccak working in the MAC mode. Ideas presented in the paper were verified by implementing the attacks on the function with the 128-bit hash.
منابع مشابه
New Attacks on Keccak-224 and Keccak-256
The Keccak hash function is one of the five finalists in NIST’s SHA-3 competition, and so far it showed remarkable resistance against practical collision finding attacks: After several years of cryptanalysis and a lot of effort, the largest number of Keccak rounds for which actual collisions were found was only 2. In this paper we develop improved collision finding techniques which enable us to...
متن کاملCube Attacks and Cube-Attack-Like Cryptanalysis on the Round-Reduced Keccak Sponge Function
In this paper, we comprehensively study the resistance of keyed variants of SHA-3 (Keccak) against algebraic attacks. This analysis covers a wide range of key recovery, MAC forgery and other types of attacks, breaking up to 9 rounds (out of the full 24) of the Keccak internal permutation much faster than exhaustive search. Moreover, some of our attacks on the 6-round Keccak are completely pract...
متن کاملKeccak specifications
Keccak (pronounced [kEtSak]) is a family of hash functions that are based on the sponge construction [1] and use as a building block a permutation from a set of 7 permutations. In this document, we specify these permutations, the Keccak sponge functions and the parameter values we propose for use in our SHA-3 candidates. We also give conventions for bit and byte numbering, for using the arbitra...
متن کاملRotational Cryptanalysis of Round-Reduced Keccak
In this paper we attack round-reduced Keccak hash function with a technique called rotational cryptanalysis. We focus on Keccak variants proposed as SHA-3 candidates in the NIST’s contest for a new standard of cryptographic hash function. Our main result is a preimage attack on 4-round Keccak and a 5-round distinguisher on Keccak-f [1600] permutation — the main building block of Keccak hash fun...
متن کاملConditional Cube Attack on Reduced-Round Keccak Sponge Function
Since Keccak was selected as SHA-3 hash function by NIST, it has attracted considerable attention from cryptographic researchers. Keccak sponge function [1] has also been used to design message authentication codes (MAC) and authenticated encryption (AE) scheme Keyak. Till now, the most efficient key recovery attacks on Keccak-MAC and Keyak are cube attacks and cube-attack-like cryptanalysis pr...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015