Paper 2011/175

Analysis of reduced-SHAvite-3-256 v2

Marine Minier, Maria Naya-Plasencia, and Thomas Peyrin

Abstract

In this article, we provide the first independent analysis of the (2nd-round tweaked) 256-bit version of the SHA-3 candidate SHAvite-3. By leveraging recently introduced cryptanalysis tools such as the rebound attack or Super-Sbox cryptanalysis, we are able to derive chosen-related-salt distinguishing attacks on the compression function on up to 8 rounds (12 rounds in total) and free-start collisions on up to 7 rounds. In particular, our best results are obtained by carefully controlling the differences in the key schedule of the internal cipher. Most of our results have been implemented and verified experimentally.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Extended version of the paper accepted at FSE 2011
Keywords
rebound attack, Super-Sbox, collision, distinguisher, SHAvite-3, SHA-3
Contact author(s)
marine minier @ insa-lyon fr
History
2011-04-05: received
Short URL
https://ia.cr/2011/175
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/175,
      author = {Marine Minier and Maria Naya-Plasencia and Thomas Peyrin},
      title = {Analysis of reduced-SHAvite-3-256 v2},
      howpublished = {Cryptology ePrint Archive, Paper 2011/175},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/175}},
      url = {https://eprint.iacr.org/2011/175}
}