Hyper-Sbox view of AES-like permutations: a generalized distinguisher

  • Authors:
  • Shuang Wu;Dengguo Feng;Wenling Wu;Bozhan Su

  • Affiliations:
  • State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China;State Key Lab of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, China

  • Venue:
  • Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

Grøstl[1] is one of the second round candidates of the SHA-3 competition[2] hosted by NIST, which aims to find a new hash standard. In this paper, we studied equivalent expressions of the generalized AES-like permutation. We found that four rounds of the AES-like permutation can be regarded as a Hyper-Sbox. Then we further analyzed the differential properties of both Super-Sbox and Hyper-Sbox. Based on these observations, we give an 8-round truncated differential path of the generalized AES-like permutation, which can be used to construct a distinguisher of 8-round Grøstl-256 permutation with 264 time and 264 memory. This is the best known distinguisher of reduced-round Grøstl permutation.