We propose a hash function based on three design principles: the sponge construction, ARX operations, and the wide trail strategy. While the sponge construction applies generically to any sufficiently strong permutation, the wide trail strategy and the ARX operations are naturally somewhat incompatible. We show that while the ARX operations provide only very weakly nonlinear S-boxes, it is possible to build very strong linear diffusion layers with them. As a result, the wide trail argument, which bounds the attacker’s success probability in terms of the minimum number of active S-boxes across two rounds, survives. The proposed hash function is one of a very select group of ARX ciphers featuring rigorous bounds against differential and linear cryptanalysis.
|Tijdschrift||Proceedings of the Romanian Academy, Series A|
|Nummer van het tijdschrift||1|
|Status||Gepubliceerd - 10 mrt 2020|
Ashur, T., & Szepieniec, A. (2020). Eaglesong: an ARX hash with fast diffusion. Proceedings of the Romanian Academy, Series A, 21(1), 69-76. . https://acad.ro/sectii2002/proceedings/doc2020-1/09-Szepieniec.pdf