Distinguishing and Key-recovery Attacks against Wheesht

Abstract : Wheesht is one of the candidates to the CAESAR competition. In this note we present several attacks on Wheesht, showing that it is far from the advertised security level of 256 bits. In particular we describe a distinguishing attack with $2^{70.3}$ known plaintext words for any number of rounds of Wheesht, and a key-recovery attack (recovering the encryption key) for versions of Wheesht with a single finalization round with very little data and time complexity $2^{192}$.
Document type :
Preprints, Working Papers, ...
Complete list of metadatas

Cited literature [3 references]  Display  Hide  Download

https://hal.inria.fr/hal-00966346
Contributor : Anne Canteaut <>
Submitted on : Wednesday, March 26, 2014 - 3:51:35 PM
Last modification on : Friday, May 25, 2018 - 12:02:05 PM
Long-term archiving on: Monday, April 10, 2017 - 3:55:42 AM

File

wheesht.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-00966346, version 2

Collections

Citation

Anne Canteaut, Gaëtan Leurent. Distinguishing and Key-recovery Attacks against Wheesht. 2014. ⟨hal-00966346v2⟩

Share

Metrics

Record views

400

Files downloads

121