A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH

Xiaorui Yu; Fukang Liu; Gaoli Wang; Siwei Sun; Willi Meier

doi:10.1007/978-3-031-53368-6_2

A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH

Xiaorui Yu, Fukang Liu, Gaoli Wang, Siwei Sun, Willi Meier

Software Engineering Institute

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

ASCON, a lightweight permutation-based primitive, has been selected as NIST’s lightweight cryptography standard. ASCON-HASH is one of the hash functions provided by the cipher suite ASCON. At ToSC 2021, the collision attack on 2-round ASCON-HASH with time complexity 2¹⁰³ was proposed. Due to its small rate, it is always required to utilize at least 2 message blocks to mount a collision attack because each message block is only of size 64 bits. This significantly increases the difficulty of the analysis because one almost needs to analyze equivalently at least 2ℓ rounds of ASCON in order to break ℓ rounds. In this paper, we make some critical observations on the round function of ASCON, especially a 2-round property. It is found that such properties can be exploited to reduce the time complexity of the 2-round collision attack to 2^62.6. Although the number of attacked rounds is not improved, we believe our techniques shed more insight into the properties of the ASCON permutation and we expect they can be useful for the future research.

Original language	English
Title of host publication	Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers
Editors	Claude Carlet, Claude Carlet, Kalikinkar Mandal, Vincent Rijmen, Vincent Rijmen
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	22-42
Number of pages	21
ISBN (Print)	9783031533679
DOIs	https://doi.org/10.1007/978-3-031-53368-6_2
State	Published - 2024
Event	30th International Conference on Selected Areas in Cryptography, SAC 2023 - Fredericton, Canada Duration: 14 Aug 2023 → 18 Aug 2023

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	14201 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	30th International Conference on Selected Areas in Cryptography, SAC 2023
Country/Territory	Canada
City	Fredericton
Period	14/08/23 → 18/08/23

Keywords

ASCON
ASCON-HASH
Algebraic Technique
Collision Attack

Access to Document

10.1007/978-3-031-53368-6_2

Cite this

Yu, X., Liu, F., Wang, G., Sun, S., & Meier, W. (2024). A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH. In C. Carlet, C. Carlet, K. Mandal, V. Rijmen, & V. Rijmen (Eds.), Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers (pp. 22-42). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 14201 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-53368-6_2

Yu, Xiaorui ; Liu, Fukang ; Wang, Gaoli et al. / A Closer Look at the S-Box : Deeper Analysis of Round-Reduced ASCON-HASH. Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers. editor / Claude Carlet ; Claude Carlet ; Kalikinkar Mandal ; Vincent Rijmen ; Vincent Rijmen. Springer Science and Business Media Deutschland GmbH, 2024. pp. 22-42 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{9237f4994c24451cbbbe7fff17c9dbe7,

title = "A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH",

abstract = "ASCON, a lightweight permutation-based primitive, has been selected as NIST{\textquoteright}s lightweight cryptography standard. ASCON-HASH is one of the hash functions provided by the cipher suite ASCON. At ToSC 2021, the collision attack on 2-round ASCON-HASH with time complexity 2103 was proposed. Due to its small rate, it is always required to utilize at least 2 message blocks to mount a collision attack because each message block is only of size 64 bits. This significantly increases the difficulty of the analysis because one almost needs to analyze equivalently at least 2ℓ rounds of ASCON in order to break ℓ rounds. In this paper, we make some critical observations on the round function of ASCON, especially a 2-round property. It is found that such properties can be exploited to reduce the time complexity of the 2-round collision attack to 262.6. Although the number of attacked rounds is not improved, we believe our techniques shed more insight into the properties of the ASCON permutation and we expect they can be useful for the future research.",

keywords = "ASCON, ASCON-HASH, Algebraic Technique, Collision Attack",

author = "Xiaorui Yu and Fukang Liu and Gaoli Wang and Siwei Sun and Willi Meier",

note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.; 30th International Conference on Selected Areas in Cryptography, SAC 2023 ; Conference date: 14-08-2023 Through 18-08-2023",

year = "2024",

doi = "10.1007/978-3-031-53368-6\_2",

language = "英语",

isbn = "9783031533679",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "22--42",

editor = "Claude Carlet and Claude Carlet and Kalikinkar Mandal and Vincent Rijmen and Vincent Rijmen",

booktitle = "Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers",

address = "德国",

}

Yu, X, Liu, F, Wang, G, Sun, S & Meier, W 2024, A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH. in C Carlet, C Carlet, K Mandal, V Rijmen & V Rijmen (eds), Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 14201 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 22-42, 30th International Conference on Selected Areas in Cryptography, SAC 2023, Fredericton, Canada, 14/08/23. https://doi.org/10.1007/978-3-031-53368-6_2

A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH. / Yu, Xiaorui; Liu, Fukang; Wang, Gaoli et al.
Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers. ed. / Claude Carlet; Claude Carlet; Kalikinkar Mandal; Vincent Rijmen; Vincent Rijmen. Springer Science and Business Media Deutschland GmbH, 2024. p. 22-42 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 14201 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A Closer Look at the S-Box

T2 - 30th International Conference on Selected Areas in Cryptography, SAC 2023

AU - Yu, Xiaorui

AU - Liu, Fukang

AU - Wang, Gaoli

AU - Sun, Siwei

AU - Meier, Willi

N1 - Publisher Copyright: © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.

PY - 2024

Y1 - 2024

N2 - ASCON, a lightweight permutation-based primitive, has been selected as NIST’s lightweight cryptography standard. ASCON-HASH is one of the hash functions provided by the cipher suite ASCON. At ToSC 2021, the collision attack on 2-round ASCON-HASH with time complexity 2103 was proposed. Due to its small rate, it is always required to utilize at least 2 message blocks to mount a collision attack because each message block is only of size 64 bits. This significantly increases the difficulty of the analysis because one almost needs to analyze equivalently at least 2ℓ rounds of ASCON in order to break ℓ rounds. In this paper, we make some critical observations on the round function of ASCON, especially a 2-round property. It is found that such properties can be exploited to reduce the time complexity of the 2-round collision attack to 262.6. Although the number of attacked rounds is not improved, we believe our techniques shed more insight into the properties of the ASCON permutation and we expect they can be useful for the future research.

AB - ASCON, a lightweight permutation-based primitive, has been selected as NIST’s lightweight cryptography standard. ASCON-HASH is one of the hash functions provided by the cipher suite ASCON. At ToSC 2021, the collision attack on 2-round ASCON-HASH with time complexity 2103 was proposed. Due to its small rate, it is always required to utilize at least 2 message blocks to mount a collision attack because each message block is only of size 64 bits. This significantly increases the difficulty of the analysis because one almost needs to analyze equivalently at least 2ℓ rounds of ASCON in order to break ℓ rounds. In this paper, we make some critical observations on the round function of ASCON, especially a 2-round property. It is found that such properties can be exploited to reduce the time complexity of the 2-round collision attack to 262.6. Although the number of attacked rounds is not improved, we believe our techniques shed more insight into the properties of the ASCON permutation and we expect they can be useful for the future research.

KW - ASCON

KW - ASCON-HASH

KW - Algebraic Technique

KW - Collision Attack

UR - https://www.scopus.com/pages/publications/85187650613

U2 - 10.1007/978-3-031-53368-6_2

DO - 10.1007/978-3-031-53368-6_2

M3 - 会议稿件

AN - SCOPUS:85187650613

SN - 9783031533679

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 22

EP - 42

BT - Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers

A2 - Carlet, Claude

A2 - Mandal, Kalikinkar

A2 - Rijmen, Vincent

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 14 August 2023 through 18 August 2023

ER -

Yu X, Liu F, Wang G, Sun S, Meier W. A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH. In Carlet C, Carlet C, Mandal K, Rijmen V, Rijmen V, editors, Selected Areas in Cryptography – SAC 2023 - 30th International Conference, 2023, Revised Selected Papers. Springer Science and Business Media Deutschland GmbH. 2024. p. 22-42. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-53368-6_2