[go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2009/302

Cryptanalysis of ESSENCE

Maria Naya-Plasencia, Andrea Röck, Jean-Philippe Aumasson, Yann Laigle-Chapuy, Gaëtan Leurent, Willi Meier, and Thomas Peyrin

Abstract

ESSENCE is a hash function submitted to the NIST Hash Competition that stands out as a hardware-friendly and highly parallelizable design. Previous analysis showed some non-randomness in the compression function which could not be extended to an attack on the hash function and ESSENCE remained unbroken. Preliminary analysis in its documentation argues that it resists standard differential cryptanalysis. This paper disproves this claim, showing that advanced techniques can be used to significantly reduce the cost of such attacks: using a manually found differential characteristic and an advanced search algorithm, we obtain collision attacks on the full ESSENCE-256 and ESSENCE-512, with respective complexities 2^67.4 and 2^134.7. In addition, we show how to use these attacks to forge valid (message, MAC) pairs for HMAC-ESSENCE-256 and HMAC-ESSENCE-512, essentially at the same cost as a collision.

Note: To appear at FSE 2010.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
hash functioncollisionSHA-3NIST hash competition
Contact author(s)
maria naya plasencia @ gmail com
jeanphilippe aumasson @ gmail com
History
2010-01-27: last of 5 revisions
2009-06-24: received
See all versions
Short URL
https://ia.cr/2009/302
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/302,
      author = {Maria Naya-Plasencia and Andrea Röck and Jean-Philippe Aumasson and Yann Laigle-Chapuy and Gaëtan Leurent and Willi Meier and Thomas Peyrin},
      title = {Cryptanalysis of {ESSENCE}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/302},
      year = {2009},
      url = {https://eprint.iacr.org/2009/302}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.