Cybersecurity (May 2025)

Preimage and collision attacks on reduced Ascon using algebraic strategies

  • Qinggan Fu,
  • Ye Luo,
  • Qianqian Yang,
  • Ling Song

DOI: https://doi.org/10.1186/s42400-024-00340-7
Journal volume & issue: Vol. 8, no. 1, pp. 1–17

Abstract

Ascon, a family of algorithms that supports hashing and authenticated encryption, is the winner of the NIST Lightweight Cryptography Project. In this paper, we propose an improved preimage attack against 2-round Ascon-XOF-64 with a complexity of $2^{33}$ via a more effective guessing strategy. Furthermore, we successfully extend our preimage attack on 2-round Ascon-XOF-64 to 2-round Ascon-XOF-128, achieving a complexity of $2^{97}$, which is currently the best preimage attack against 2-round Ascon-XOF-128. Apart from the preimage attack, we also investigate the resistance of Ascon-HASH against collision attacks. To be specific, we introduce the linearization of the inverse of S-boxes and then propose a free-start collision attack on 3-round Ascon-HASH with a complexity of $2^{14}$ using a differential trail searched dedicatedly. In addition, we construct different 2-round connectors using the linearization of the inverse of S-boxes and successfully extend the collision attack to 4 rounds and 5 rounds of Ascon-HASH with complexities of $2^{18}$ and $2^{41}$, respectively. Although our attacks do not compromise the security of the full 12-round Ascon-XOF and Ascon-HASH, they provide some insights into Ascon’s security.

Keywords