In this paper we study boomerang attacks in the chosen-key setting. This is particularly relevant to hash function analysis, since many boomerang attacks have been described against ARX-based designs. We present a new way to combine message modifications, or auxiliary differentials, with the boomerang attack. We show that under some conditions, we can combine three independent paths instead of two for the classical boomerang attack. Our main result is obtained by applying this technique to round-reduced Skein-256, for which we show a distinguisher on the keyed permutation with complexity only 2^57, and a distinguisher on the compression function with complexity 2^114. We also discuss application of the technique to Skein-512 and show some problems with the paths used in previous boomerang analysis of Skein-512.