Open AccessSymSum: Symmetric-Sum Distinguishers Against Round Reduced SHA3
Author(s) -
Dhiman Saha,
Sukhendu Kuila,
Debashish Chowdhury
Publication year - 2017
Publication title -
iacr transaction on symmetric cryptology
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.715
H-Index - 10
ISSN - 2519-173X
DOI - 10.46586/tosc.v2017.i1.240-258
Subject(s) - iterated function , linear subspace , property (philosophy) , hamming distance , mathematics , constant (computer programming) , discrete mathematics , computer science , algorithm , combinatorics , pure mathematics , mathematical analysis , philosophy , epistemology , programming language
In this work we show the existence of special sets of inputs for which the sum of the images under SHA3 exhibits a symmetric property. We develop an analytical framework which accounts for the existence of these sets. The framework constitutes identification of a generic property of iterated SPN based functions pertaining to the round-constant addition and combining it with the notion of m−fold vectorial derivatives for differentiation over specially selected subspaces. Based on this we propose a new distinguisher called SymSum for the SHA3 family which penetrates up to 9 rounds and outperforms the ZeroSum distinguisher by a factor of four. Interestingly, the current work is the first analysis of SHA3/Keccak that relies on round-constants but is independent of their Hamming-weights.