eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2012/163

Differential propagation analysis of Keccak

Joan Daemen and Gilles Van Assche

Abstract

In this paper we introduce new concepts that help read and understand low-weight differential trails in Keccak. We then propose efficient techniques to exhaustively generate all 3-round trails in its largest permutation below a given weight. This allows us to prove that any 6-round differential trail in Keccak-f[1600] has weight at least 74. In the worst-case diffusion scenario where the mixing layer acts as the identity, we refine the lower bound to 82 by systematically constructing trails using a specific representation of states.

Note: Added reference to the source code.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Full version of the paper presented at FSE 2012
Keywords
cryptographic hash functionKeccakdifferential cryptanalysiscomputer-aided proof
Contact author(s)
gilles vanassche @ st com
History
2012-04-26: revised
2012-03-28: received
See all versions
Short URL
https://ia.cr/2012/163
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2012/163,
      author = {Joan Daemen and Gilles Van Assche},
      title = {Differential propagation analysis of Keccak},
      howpublished = {Cryptology ePrint Archive, Paper 2012/163},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/163}},
      url = {https://eprint.iacr.org/2012/163}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.