Presentation | 2009-07-03 On the strength evaluation of Lesamnta against differential cryptanalysis Yasutaka IGARASHI, Toshinobu KANEKO |
---|---|
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | We focus on the cryptographic hash algorithm Lesamnta-256, one of the candidates for the new hash algorithm SHA-3. Lesamnta-256 consists of the Merkle-Damgård iteration of a compression function. The compression function consists of a mixing function and a key scheduling function. The mixing function consists of 32 rounds of a four-way generalized Feistel structure. Each round contains a nonlinear function F with 64-bit input/output, which consists of 4 steps of an AES-type SPN structure. A subkey is XORed only at the first step of the SPN. We analyze the security of these components of Lesamnta as is, although the designers analyzed its security by assuming that the subkey is XORed at every step of the SPN. We show that the 2 steps of the SPN referred to as XS have maximum differential probability $2^{-11.415}$. This probability is greater than both the differential characteristic probability $2^{-18}$ and the differential probability $2^{-12}$ derived under the independent subkey assumption. On the strength of the whole compression function, we show that there are at least 15 active F functions in the mixing function. As the input bit width of the mixing function is 256, we can say that it is secure against differential attack if the maximum differential probability of the F function is less than $2^{-256/15} = 2^{-17.067}$. Finally, we show that the key scheduling function is secure against differential cryptanalysis. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Lesamnta / differential cryptanalysis / higher-order differential / SHA-3 / hash function |
Paper # | ISEC2009-28,SITE2009-20,ICSS2009-42 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2009/6/25 (1 day) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | On the strength evaluation of Lesamnta against differential cryptanalysis |
Sub Title (in English) | |
Keyword(1) | Lesamnta |
Keyword(2) | differential cryptanalysis |
Keyword(3) | higher-order differential |
Keyword(4) | SHA-3 |
Keyword(5) | hash function |
1st Author's Name | Yasutaka IGARASHI |
1st Author's Affiliation | Faculty of Science and Technology, Tokyo University of Science |
2nd Author's Name | Toshinobu KANEKO |
2nd Author's Affiliation | Faculty of Science and Technology, Tokyo University of Science |
Date | 2009-07-03 |
Paper # | ISEC2009-28,SITE2009-20,ICSS2009-42 |
Volume (vol) | vol.109 |
Number (no) | 113 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |