Yang et al. recently proposed a new algebraic attack strategy based on resultant for Rescue-Prime, Anemoi and Jarvis.
Symmetric Techniques for Advanced Protocols
(The website is still under development. Please contact us at stap-zoo-keepers@inria.fr if you have any comments, or suggestions of relevant work that we may have missed.)
The term STAP (Symmetric Techniques for Advanced Protocols) was first introduced in STAP’23, an affiliated workshop of Eurocrypt’23. It generally refers to algorithms in symmetric cryptography specifically designed to be efficient in new advanced cryptographic protocols. These contexts include zero-knowledge (ZK) proofs, secure multiparty computation (MPC) and (fully) homomorphic encryption (FHE) environments. It encompasses everything from arithmetization-oriented hash functions to homomorphic encryption-friendly stream ciphers.
STAP Zoo
We present a collection of proposed symmetric primitives fitting the STAP description and keep track of recent advances regarding their security and consequent updates. These may be filtered according to their features; we categorize them into different groups regarding primitive-type (block cipher, stream cipher, hash function or PRF) and use-case (FHE, MPC and ZK).
For each STAP-primitive, we provide a brief overview of its main cryptographic characteristics, including:
- Basic general information: designers, year, conference/journal where it was first introduced and reference.
- Basic cryptographic properties such as description of the primitive (and relevant diagrams when applicable), use-case and proposed parameter sets.
- Relevant known attacks/weaknesses.
- Properties of its best hardware implementation.
When applicable, we also mention connections and relations between different designs.
News
Vision Mark-32: A new ZK-friendly hash function for binary fields
Vision Mark-32 is a modified instance of Vision proposed by Ashur et al. with an optimized number of rounds and an efficient MDS matrix.
The FreeLunch attack against ZK-friendly primitives
The algebraic FreeLunch attack proposed by Bariant et al. challenges the security of fullround instances of some ZK-friendly hash functions, namely Anemoi, Arion and Griffin.
STAP Lounge
The STAP Zoo currently collects information about the following list of primitives:
◊ Anemoi
◊ Arion
◊ Chaghri
◊ Ciminion
◊ Dark Matter PRF
◊ Elisabeth
◊ FLIP variants
– FiLIP
– FLIP
◊ GMiMC
◊ Goldreich’s PRG
◊ Grendel
◊ Griffin
◊ Hera
◊ Kreyvium
◊ LowMC
◊ MARVELlous designs
– Friday
– Jarvis
◊ Marvellous designs
– Rescue
– Rescue-Prime
– Rescue-Prime Optimized
– Vision
– Vision Mark-32
– XHash8 and XHash12
◊ MiMC
◊ Monolith
◊ Poseidon variants
– HadesMiMC
– Neptune
– Poseidon
– Poseidon 2
◊ Rain
◊ Rasta variants
– Dasta
– Fasta
– Masta
– Pasta
– Rasta
◊ Reinforced Concrete
◊ Rubato
◊ Small-pSquare
◊ Tip5 variants
– Tip4 and Tip4′
– Tip5