## Practical complexity cube attacks

6 May 2014

Recently, Itai Dinur, Paweł Morawiecki, Josef Pieprzyk, Marian Srebrny and Michał Straus published new attacks on keyed instances of Keccak, i.e., when it is used as a stream cipher or to compute a message authentication code (MAC). The attacks are *cube attacks* that exploit the low algebraic degree of a primitive and have a data complexity of the order of 2^{n} if this degree is *n*. Since the round function has algebraic degree 2, the attacks can be applied on 5 or 6 rounds of Keccak-*f* with a practical complexity.

These attacks are the first ones with practical complexity to reach 6 rounds. Looking at more theoretical complexities, these attacks can most probably reach a few more rounds.