http://dx.doi.org/10.13089/JKIISC.2022.32.4.617

A Quantum Free-Start Collision Attack on the Ascon-Hash  

Cho, Sehee (Kookmin University)
Baek, Seungjun (Kookmin University)
Kim, Jongsung (Kookmin University)
Abstract
Ascon is one of the final-round candidates of the NIST lightweight cryptography contest, which has been underway since 2015, and supports the hash modes Ascon-Hash and Ascon-Xof. In this paper, we develop a MILP model for collision attacks on Ascon-Hash and use it to search for a differential trail that can be exploited in a quantum setting. In addition, we present an algorithm that allows an attacker with access to a quantum computer to mount a quantum free-start collision attack on 3-round Ascon-Hash using the discovered differential trail. This attack is meaningful in that it is the first analysis of a collision attack on Ascon-Hash in a quantum setting.
Keywords
Ascon; Ascon-Hash; Quantum collision; Free-start collision; MILP;