Collision attacks on up to 5 rounds of SHA-3 using generalized internal differentials

Itai Dinur, Orr Dunkelman, Adi Shamir

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


On October 2-nd 2012 NIST announced its selection of the Keccak scheme as the new SHA-3 hash standard. In this paper we present the first published collision finding attacks on reduced-round versions of Keccak-384 and Keccak-512, providing actual collisions for 3-round versions, and describing an attack which is 245 times faster than birthday attacks for 4-round Keccak-384. For Keccak-256, we increase the number of rounds which can be attacked to 5. All these results are based on a generalized internal differential attack (introduced by Peyrin at Crypto 2010), and use it to map a large number of Keccak inputs into a relatively small subset of possible outputs with a surprisingly large probability. In such a squeeze attack it is easier to find random collisions in the reduced target subset by a standard birthday argument.

Original languageEnglish
Title of host publicationFast Software Encryption - 20th International Workshop, FSE 2013, Revised Selected Papers
PublisherSpringer Verlag
Number of pages22
ISBN (Print)9783662439326
StatePublished - 2014
Event20th International Workshop on Fast Software Encryption, FSE 2013 - Singapore, Singapore
Duration: 11 Mar 201313 Mar 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8424 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference20th International Workshop on Fast Software Encryption, FSE 2013

Bibliographical note

Funding Information:
The second author was supported in part by the Israel Science Foundation through grant No. 827/12.


  • Collisions
  • Cryptanalysis
  • Hash function
  • Internal differentials
  • Keccak
  • SHA-3
  • Squeeze attack

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Collision attacks on up to 5 rounds of SHA-3 using generalized internal differentials'. Together they form a unique fingerprint.

Cite this