Abstract
Bernstein’s CubeHash is a hash function family that includes four functions submitted to the NIST Hash Competition. A CubeHash function is parametrized by a number of rounds r, a block byte size b, and a digest bit length h (the compression function makes r rounds, while the finalization function makes 10r rounds). The 1024-bit internal state of CubeHash is represented as a five-dimensional hypercube. The submissions to NIST recommend r = 8, b = 1, and h ∈ {224, 256, 384, 512}.
This paper presents the first external analysis of CubeHash, with
- improved standard generic attacks for collisions and preimages
- a multicollision attack that exploits fixed points
- a study of the round function symmetries
- a preimage attack that exploits these symmetries
- a practical collision attack on a weakened version of CubeHash
- a study of fixed points and an example of a nontrivial fixed point
- high-probability truncated differentials over 10 rounds
Since the first publication of these results, several collision attacks for reduced versions of CubeHash were published by Dai, Peyrin, et al. Our results are more general, since they apply to any choice of the parameters, and show intrinsic properties of the CubeHash design, rather than attacks on specific versions.
References
Aumasson, J.-P.: Collision for CubeHash2/120-512. NIST mailing list (December 4, 2008), http://ehash.iaik.tugraz.at/uploads/a/a9/Cubehash.txt
Aumasson, J.-P., Meier, W., Naya-Plasencia, M., Peyrin, T.: Inside the hypercube. Cryptology ePrint Archive, Report 2008/486, version 20081124:132635 (2008)
Bernstein, D.J.: CubeHash appendix: complexity of generic attacks. Submission to NIST (2008)
Bernstein, D.J.: CubeHash attack analysis (2.B.5). Submission to NIST (2008)
Bernstein, D.J.: CubeHash specification (2.B.1). Submission to NIST (2008)
Brier, E., Khazaei, S., Meier, W., Peyrin, T.: Attack for CubeHash-2/2 and collision for CubeHash-3/64. NIST mailing list (2009), http://ehash.iaik.tugraz.at/uploads/3/3a/Peyrin_ch22_ch364.txt
Brier, E., Peyrin, T.: Cryptanalysis of CubeHash (2009), http://thomas.peyrin.googlepages.com/BrierPeyrinCubehash.pdf
Dai, W.: Collisions for CubeHash1/45 and CubeHash2/89 (2008), http://www.cryptopp.com/sha3/cubehash.pdf
Diaconis, P., Mosteller, F.: Methods for studying coincidences. Journal of the American Statistical Association 84(408), 853–861 (1989)
Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)
NIST: SP 800-22, a statistical test suite for random and pseudorandom number generators for cryptographic applications (2001)
Suzuki, K., Tonien, D., Kurosawa, K., Toyota, K.: Birthday paradox for multi-collisions. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 29–40. Springer, Heidelberg (2006)
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Aumasson, JP., Brier, E., Meier, W., Naya-Plasencia, M., Peyrin, T. (2009). Inside the Hypercube. In: Boyd, C., González Nieto, J. (eds) Information Security and Privacy. ACISP 2009. Lecture Notes in Computer Science, vol 5594. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02620-1_14
DOI: https://doi.org/10.1007/978-3-642-02620-1_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02619-5
Online ISBN: 978-3-642-02620-1