Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
The Design of Rijndael
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
The random oracle methodology, revisited
Journal of the ACM (JACM)
Distinguishers for Ciphers and Known Key Attack against Rijndael with Large Blocks
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
Fast Software Encryption
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Selected Areas in Cryptography
Cryptanalysis of Hash Functions with Structures
Selected Areas in Cryptography
Cryptanalysis of the LANE Hash Function
Selected Areas in Cryptography
Rebound Attack on the Full Lane Compression Function
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Rebound Distinguishers: Results on the Full Whirlpool Compression Function
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Known-key distinguishers for some block ciphers
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Understanding two-round differentials in AES
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Rebound attacks on the reduced grøstl hash function
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Improved differential attacks for ECHO and Grøstl
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Known-key attacks on Rijndael with large blocks and strengthening shiftrow parameter
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Improved collision attacks on the reduced-round Grøstl hash function
ISC'10 Proceedings of the 13th international conference on Information security
Subspace distinguisher for 5/8 rounds of the ECHO-256 hash function
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
On the cryptanalysis of the hash function Fugue: Partitioning and inside-out distinguishers
Information Processing Letters
Analysis of reduced-SHAvite-3-256 v2
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Practical near-collisions and collisions on round-reduced ECHO-256 compression function
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Known-key distinguishers on 11-round Feistel and collision attacks on its hashing modes
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Hyper-Sbox view of AES-like permutations: a generalized distinguisher
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
How to improve rebound attacks
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Known and chosen key differential distinguishers for block ciphers
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Experimental verification of super-sbox analysis: confirmation of detailed attack complexity
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Known-Key distinguisher on round-reduced 3d block cipher
WISA'11 Proceedings of the 12th international conference on Information Security Applications
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Boomerang distinguisher for the SIMD-512 compression function
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
Improved rebound attack on the finalist grøstl
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Unaligned rebound attack: application to keccak
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Bicliques for permutations: collision and preimage attacks in stronger settings
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Internal differential collision attacks on the reduced-round GrØstl-0 hash function
Designs, Codes and Cryptography
Hi-index | 0.00 |
In this paper, we improve the recent rebound and start-from-the-middle attacks on AES-like permutations. Our new cryptanalysis technique uses the fact that one can view two rounds of such permutations as a layer of big Sboxes preceded and followed by simple affine transformations. The big Sboxes encountered in this alternative representation are named Super-Sboxes. We apply this method to two second-round SHA-3 candidates Grøstl and ECHO, and obtain improvements over the previous cryptanalysis results for these two schemes. Moreover, we improve the best distinguisher for the AES block cipher in the known-key setting, reaching 8 rounds for the 128-bit version.