Algebraic-differential analysis of Keccak

• Thesis title in Czech: Algebraicko-diferenční analýza Keccaku
• Thesis title in English: Algebraic-differential analysis of Keccak
• Key words: Keccak, SHA-3, diferenciální kryptoanalýza, algebraická kryptoanalýza, kryptografická hašovací funkce
• English key words: Keccak, SHA-3, differential cryptanalysis, algebraic cryptanalysis, cryptographic hash function
• Academic year of topic announcement: 2014/2015
• Thesis type: diploma thesis
• Thesis language: angličtina
• Department: Department of Algebra (32-KA)
• Supervisor: doc. Faruk Göloglu, Dr. rer. nat.
• Author: hidden - assigned and confirmed by the Study Dept.
• Date of registration: 16.01.2015
• Date of assignment: 16.01.2015
• Confirmed by Study dept. on: 04.02.2015
• Date and time of defence: 11.02.2016 00:00
• Date of electronic submission: 02.12.2015
• Date of submission of printed version: 04.12.2015
• Date of proceeded defence: 11.02.2016
• Opponents: RNDr. Michal Hojsík, Ph.D.
• Advisors: Joan Daemen

Guidelines

The student should carefully go through the Reference book [1] and understand well the working principles of the Keccak cryptosystem. Then she should study the analysis described in [2]. The bulk of thesis will rest in an attempt to adapt the methods of [2] to Keccak. The main idea is to apply the techniques of Groebner bases (or other algebraic techniques) to finding suitable differential pairs.

References

[1] G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche, The Keccak reference, January 2011,http://keccak.noekeon.org/.

[2] C. Bouillaguet and P. Fouque, Analysis of the collision resistance of RadioGatún using algebraic techniques, SAC 2008 Roberto Maria Avanzi, Liam Keliher, and Francesco Sica, eds.), Lecture Notes in Computer Science, vol. 5381, Springer, 2008, pp. 245–261.

[3] D. A. Cox, J. B. Little, and D. O’Shea, Ideals, varieties, and algorithms, third ed., Springer, 2007.

Preliminary scope of work

Diferenciály a diferenční cesty, které mají vysokou pravděpodobnost, lze užít k útoku na kryptografické primitivy. Má-li diferenční cesta vysokou pravděpodobnost, znamená to, že existuje mnoho párů, které ji splňují. Při odhadu bezpečnosti hashovací funkce Keccak a funkcí pro autentizované šifrování Keyak a Ketje je zajímavé zkoumat diferenční cesty ve variantách funkce Keccak-f se sníženým počtem rund. V porozumění a konstrukci takových cest s relativně vysokou pravděpodobností byly učiněny pokroky avšak relativně málo pozornosti bylo věnováno úloze, jak pro danou cestu v Keccak-f najít páry, které ji splňují. Diplomová práce se bude věnovat hledání těchto párů pomocí algebraických metod, jako jsou např. Gröbnerovy báze.

Preliminary scope of work in English

Differentials and differential trails with a high differential probability (DP) can be used to attack cryptographic primitives. For a differential trail, having a high DP means that there exist many pairs that follow it. For estimating the safety margin of Keccak, Keyak and Ketje, it is interesting to investigate differential trails in reduced-round versions of Keccak-f. Advances have been made in the understanding and construction of such trails with relatively high DP. However, given such a trail, actually finding pairs that follow it is a problem that has received little attention for Keccak-f. In this thesis this problem will be addressed by using algebraic solving techniques such as Gröbner bases.