Recent developments in the field of cryptanalysis of hash functions has inspired NIST to announce a competition for selecting a new cryptographic hash function to join the SHA family of standards. One of the 14 second-round candidates was CubeHash designed by Daniel J. Bernstein. CubeHash is a unique hash function in the sense that it does not iterate a common compression function, and offers a structure which resembles a sponge function, even though it is not exactly a sponge function. In this paper we analyze reduced-round variants of CubeHash where the adversary controls the full 1024-bit input to reduced-round Cube- Hash and can observe its full output. We show that linear approximations with high biases exist in reduced-round variants. For example, we present an 11-round linear approximation with bias of 2-∈235, which allows distinguishing 11-round CubeHash using about 2470 queries. We also discuss the extension of this distinguisher to 12 rounds using message modification techniques. Finally, we present a linear distinguisher for 14-round CubeHash which uses about 2812 queries. © 2011 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Ashur, T., & Dunkelman, O. (2011). Linear analysis of reduced-round CubeHash. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6715 LNCS, pp. 462–478). https://doi.org/10.1007/978-3-642-21554-4_27
Mendeley helps you to discover research relevant for your work.