Hyper-Sbox view of AES-like permutations: a generalized distinguisher

Authors:
Shuang Wu;Dengguo Feng;Wenling Wu;Bozhan Su
Affiliations:
State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China
Venue:
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Year:
2010

Citing 11
Cited 2

Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl

Fast Software Encryption
Improved Cryptanalysis of the Reduced Grøstl Compression Function, ECHO Permutation and AES Block Cipher

Selected Areas in Cryptography
Cryptanalysis of the LANE Hash Function

Selected Areas in Cryptography
Rebound Attack on the Full Lane Compression Function

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Rebound Distinguishers: Results on the Full Whirlpool Compression Function

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Collisions for 70-step SHA-1: on the full cost of collision search

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Super-Sbox cryptanalysis: improved attacks for AES-like permutations

FSE'10 Proceedings of the 17th international conference on Fast software encryption
Improved differential attacks for ECHO and Grøstl

CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Experimental verification of super-sbox analysis: confirmation of detailed attack complexity

IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks

ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Grøstl[1] is one of the second round candidates of the SHA-3 competition[2] hosted by NIST, which aims to find a new hash standard. In this paper, we studied equivalent expressions of the generalized AES-like permutation. We found that four rounds of the AES-like permutation can be regarded as a Hyper-Sbox. Then we further analyzed the differential properties of both Super-Sbox and Hyper-Sbox. Based on these observations, we give an 8-round truncated differential path of the generalized AES-like permutation, which can be used to construct a distinguisher of 8-round Grøstl-256 permutation with 264 time and 264 memory. This is the best known distinguisher of reduced-round Grøstl permutation.