Improvement of Rotational Cryptanalysis of Shabal and Cubehash Hash Functions

Document Type: Original Article

Authors

IHU

Abstract

A cryptographic hash function maps an arbitrary-length input to a fixed-length output. These functions are used in many cryptographic applications, such as digital signatures, and must be secure against collision, preimage and second-preimage attacks. Rotational cryptanalysis is an approach to the analysis of ARX (addition, rotation, XOR) ciphers. The hash functions Shabal and Cubehash, two candidates in the second round of the SHA-3 competition, have an ARX structure. They have been analyzed with respect to rotational cryptanalysis by Tabatabaei et al. In this paper we consider their analysis and present some observations, which show that the results of Tabatabaei et al.’s cryptanalysis are not accurate. We then present new results on the rotational cryptanalysis of Shabal and Cubehash, and show that rotational cryptanalysis is effective on a smaller number of rounds of the Shabal and Cubehash hash functions.
 

References

[1] D. Stinson, “Cryptography Theory and Practice,” CRC, 2006.
[2] F. Chabaud and A. Joux, “Differential Collisions in SHA-0,” CRYPTO '98, 1998.
[3] M. Stevens, P. Karpman, and T. Peyrin, “Freestart Collision for Full SHA-1,” Eurocrypt, LNCS, vol. 9665, pp. 459-483, 2016.
[4] S. K. Sanadhya and P. Sarkar, “New Collision Attacks Against up To 24-step SHA-2,” IACR Cryptology, 2008.
[5] X. Wang, H. Yu, and Y. L. Yin, “Efficient Collision Search Attacks on SHA-0,” Advances in Cryptology, Crypto 2005, LNCS 3621, pp. 1-16, Springer, 2005.
[6] X. Wang, Y. L. Yin, and H. Yu, “Finding Collisions in the Full SHA-1,” Advances in Cryptology, Crypto 2005, LNCS 3621, pp. 17-36, Springer, 2005.
[7] NIST, “Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA–3) Family,” Federal Register, vol. 72, pp. 62212–62220, Nov. 2007.
[8] T. Peyrin, “Improved Differential Attacks for ECHO and Grøstl,” Cryptology ePrint Archive, 2010.
[9] D. Khovratovich and I. Nikolić, “Rotational cryptanalysis of ARX,” In Proceedings of the 17th international conference on Fast Software Encryption, Springer, pp. 333–346, 2010.
[10] D. Khovratovich, I. Nikolić, J. Pieprzyk, P. Sokolowski, and R. Steinfeld, “Rotational cryptanalysis of ARX revisited,” In Fast Software Encryption, pp. 519–536, Springer, 2015.
[11] T. Ashur and Y. Liu, “Rotational cryptanalysis in the presence of constants,” IACR Transactions on Symmetric Cryptology, pp. 57–70, 2016.
[12] A. Ranea, Y. Liu, and T. Ashur, “An Easy-to-Use Tool for Rotational-XOR Cryptanalysis of ARX Block Ciphers,” Proceedings of the Romanian Academy, Series A, pp. 307–316, 2017.
[13] S. A. Tabatabaei Feiz Abad, A. Gaini, and B. Keshavarzi, “Rotational Cryptanalysis on Shabal and CubeHash,” In Journal of Electronical & Cyber Defence, Springer, pp. 59–64, 2018. (In Persian)
[14] M. Daum, “Cryptanalysis of Hash Functions of the MD4-Family,” PhD thesis, Ruhr-Universität Bochum, May 2005.
[15] A. Canteaut, T. Pornin, E. Bresson, and T. Icart, “Shabal, a Submission to NIST's Cryptographic Hash Algorithm Competition,” Submission to NIST, 2008.
[16] A. Nieke, “Cryptanalysis of Hash Functions,” Macquarie University & Eindhoven University of Technology, 2011.
[17] D. J. Bernstein, “CubeHash specification (2.b.1),” Submission to NIST, 2008.
[18] J. Alizadeh and A. Mirghadri, “A new distinguisher for CubeHash-8/b and CubeHash-15/b compression functions,” IACR eprint, 2011.

Volume 9, Issue 1 - Serial Number 33
Serial No. 33, Spring Quarterly
April 2021
Pages 91-100
  • Receive Date: 12 April 2020
  • Revise Date: 01 June 2020
  • Accept Date: 05 August 2020
  • Publish Date: 21 April 2021