CryptoDB
Preimage Attacks on up to 5 Rounds of SHA-3 Using Internal Differentials
| Authors: |
|
|---|---|
| Download: | |
| Presentation: | Slides |
| Conference: | EUROCRYPT 2025 |
| Abstract: | In this paper, we study preimage resistance of the SHA-3 standard. We propose a squeeze meet-in-the-middle attack as a new preimage attack method for the sponge functions. This attack combines the squeeze attack and meet-in-the-middle attack, and is implemented by internal differentials. We analyze the inverse operation of the SHA-3 round function, and develop a new target internal differential algorithm as well as a linearization technique for the Sbox in the backward phase. In addition, we propose the concept of a value-difference distribution table (VDDT) to optimize the attack complexity. These techniques lead to faster preimage attacks on five (out of six) SHA-3 functions reduced to 4 rounds, and also bring preimage attacks on 5 rounds of four SHA-3 instances. The attack techniques are verified by performing practical preimage attack on a small variant of 4-round Keccak. |
BibTeX
@inproceedings{eurocrypt-2025-35386,
title={Preimage Attacks on up to 5 Rounds of SHA-3 Using Internal Differentials},
publisher={Springer-Verlag},
author={Zhongyi Zhang and Chengan Hou and Meicheng Liu},
year=2025
}