Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems

Tim Beyne; Anne Canteaut; Itai Dinur; Maria Eichlseder; Gregor Leander; Gaëtan Leurent; María Naya-Plasencia; Yu Sasaki; Yosuke Todo; Friedrich Wiemer

doi:https://doi.org/10.1007/978-3-030-56877-1_11

Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems

Tim Beyne, Anne Canteaut, Itai Dinur, Maria Eichlseder, Gregor Leander, Gaëtan Leurent, María Naya-Plasencia, Yu Sasaki, Yosuke Todo, Friedrich Wiemer

Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (7050)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Abstract

The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic.

Originalsprache	englisch
Titel	Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings
Redakteure/-innen	Daniele Micciancio, Thomas Ristenpart
Herausgeber (Verlag)	Springer
Seiten	299-328
Seitenumfang	30
ISBN (Print)	9783030568764
DOIs	https://doi.org/10.1007/978-3-030-56877-1_11
Publikationsstatus	Veröffentlicht - 1 Jan. 2020

Publikationsreihe

Name	Lecture Notes in Computer Science
Band	12172

ASJC Scopus subject areas

Theoretische Informatik
Allgemeine Computerwissenschaft

Zugriff auf Dokument

https://doi.org/10.1007/978-3-030-56877-1_11

https://eprint.iacr.org/2020/188Lizenz: CC BY 4.0

Andere Dateien und Links

http://www.scopus.com/inward/record.url?scp=85089723936&partnerID=8YFLogxK

EU - SOPHIA - Absicherung von Software gegen Physische Angriffe
Mangard, S.
1/09/16 → 31/08/21
Projekt: Forschungsprojekt

Dieses zitieren

Beyne, T., Canteaut, A., Dinur, I., Eichlseder, M., Leander, G., Leurent, G., Naya-Plasencia, M., Sasaki, Y., Todo, Y., & Wiemer, F. (2020). Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. in D. Micciancio, & T. Ristenpart (Hrsg.), Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings (S. 299-328). (Lecture Notes in Computer Science; Band 12172). Springer. https://doi.org/10.1007/978-3-030-56877-1_11

Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. / Beyne, Tim; Canteaut, Anne; Dinur, Itai et al.
Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings. Hrsg. / Daniele Micciancio; Thomas Ristenpart. Springer, 2020. S. 299-328 (Lecture Notes in Computer Science; Band 12172).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Beitrag in einem Konferenzband › Begutachtung

Beyne, T, Canteaut, A, Dinur, I, Eichlseder, M, Leander, G, Leurent, G, Naya-Plasencia, M, Sasaki, Y, Todo, Y & Wiemer, F 2020, Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. in D Micciancio & T Ristenpart (Hrsg.), Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings. Lecture Notes in Computer Science, Bd. 12172, Springer, S. 299-328. https://doi.org/10.1007/978-3-030-56877-1_11

Beyne T, Canteaut A, Dinur I, Eichlseder M, Leander G, Leurent G et al. Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. in Micciancio D, Ristenpart T, Hrsg., Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings. Springer. 2020. S. 299-328. (Lecture Notes in Computer Science). doi: https://doi.org/10.1007/978-3-030-56877-1_11

Beyne, Tim ; Canteaut, Anne ; Dinur, Itai et al. / Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems. Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings. Hrsg. / Daniele Micciancio ; Thomas Ristenpart. Springer, 2020. S. 299-328 (Lecture Notes in Computer Science).

@inproceedings{a908a3286e7e4d94a57d65202d5c6a11,

title = "Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems",

abstract = "The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic.",

keywords = "GMiMC, HadesMiMC, Hash functions, Integral attacks, Integrity proof systems",

author = "Tim Beyne and Anne Canteaut and Itai Dinur and Maria Eichlseder and Gregor Leander and Ga{\"e}tan Leurent and Mar{\'i}a Naya-Plasencia and Yu Sasaki and Yosuke Todo and Friedrich Wiemer",

year = "2020",

month = jan,

day = "1",

doi = "https://doi.org/10.1007/978-3-030-56877-1_11",

language = "English",

isbn = "9783030568764",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "299--328",

editor = "Daniele Micciancio and Thomas Ristenpart",

booktitle = "Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings",

}

TY - GEN

T1 - Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems

AU - Beyne, Tim

AU - Canteaut, Anne

AU - Dinur, Itai

AU - Eichlseder, Maria

AU - Leander, Gregor

AU - Leurent, Gaëtan

AU - Naya-Plasencia, María

AU - Sasaki, Yu

AU - Todo, Yosuke

AU - Wiemer, Friedrich

PY - 2020/1/1

Y1 - 2020/1/1

N2 - The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic.

AB - The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic.

KW - GMiMC

KW - HadesMiMC

KW - Hash functions

KW - Integral attacks

KW - Integrity proof systems

UR - http://www.scopus.com/inward/record.url?scp=85089723936&partnerID=8YFLogxK

U2 - https://doi.org/10.1007/978-3-030-56877-1_11

DO - https://doi.org/10.1007/978-3-030-56877-1_11

M3 - Conference paper

SN - 9783030568764

T3 - Lecture Notes in Computer Science

SP - 299

EP - 328

BT - Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, Proceedings

A2 - Micciancio, Daniele

A2 - Ristenpart, Thomas

PB - Springer

ER -

Out of Oddity - New Cryptanalytic Techniques against Symmetric Primitives Optimized for Integrity Proof Systems

Abstract

Publikationsreihe

ASJC Scopus subject areas

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Projekte

EU - SOPHIA - Absicherung von Software gegen Physische Angriffe

Dieses zitieren