Linear analysis of reduced-round CubeHash

Tomer Ashur, Orr Dunkelman

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Recent developments in the field of cryptanalysis of hash functions has inspired NIST to announce a competition for selecting a new cryptographic hash function to join the SHA family of standards. One of the 14 second-round candidates was CubeHash designed by Daniel J. Bernstein. CubeHash is a unique hash function in the sense that it does not iterate a common compression function, and offers a structure which resembles a sponge function, even though it is not exactly a sponge function. In this paper we analyze reduced-round variants of CubeHash where the adversary controls the full 1024-bit input to reduced-round Cube- Hash and can observe its full output. We show that linear approximations with high biases exist in reduced-round variants. For example, we present an 11-round linear approximation with bias of 2-∈235, which allows distinguishing 11-round CubeHash using about 2470 queries. We also discuss the extension of this distinguisher to 12 rounds using message modification techniques. Finally, we present a linear distinguisher for 14-round CubeHash which uses about 2812 queries.

Original languageEnglish
Title of host publicationApplied Cryptography and Network Security - 9th International Conference, ACNS 2011, Proceedings
Pages462-478
Number of pages17
DOIs
StatePublished - 2011
Event9th International Conference on Applied Cryptography and Network Security, ACNS 2011 - Nerja, Spain
Duration: 7 Jun 201110 Jun 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6715 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference9th International Conference on Applied Cryptography and Network Security, ACNS 2011
Country/TerritorySpain
CityNerja
Period7/06/1110/06/11

Keywords

  • CubeHash SHA-3 competition
  • Linear cryptanalysis

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Linear analysis of reduced-round CubeHash'. Together they form a unique fingerprint.

Cite this