中文摘要：

Keccak自2012年被宣布为新一代Hash函数标准SHA-3后受到密码学界的高度关注,成为当前Hash函数研究的热点。文中给出了SHA-3轮函数中ρ、π和χ三个变换的逆变换。ρ变换只在同一道内沿z轴正向循环移位,故依据其移位距离表沿z轴负方向移位同样距离即得到其逆变换ρ-1;π变换依赖于GF（5）上一个2阶变换矩阵,利用高斯消元法对此方阵求逆可得到其逆矩阵,也即得到了π变换的逆变换;χ变换是SHA-3轮函数中唯一的非线性变换,首先列出χ变换的真值表,然后通过真值表推导得出了其逆变换χ-1的布尔函数表达式。基于ρ^-1、π^-1和χ^-1,可利用中间相遇攻击的思想构造差分路径对SHA-3进行攻击,通过消息修改技术使差分路径以概率1通过χ-1,能够大大提高攻击成功的概率。

英文摘要：

Keccak has become a hotspot after it has been selected as the newHash standard SHA- 3 in 2012. In this paper,give the inverse mappings of ρ,π and χ mappings in SHA- 3 permutation. ρ mapping intends to provide intra lane diffusion along z axis. By shifting toward the reverse direction in terms of the same rotation constants table of ρ,can get its inverse mapping ρ^-1. The inverse mapping of π is obtained by using Gauss elimination method on the transformational matrix of π in GF（ 5）. χ mapping is the only non- linear mapping of SHA- 3 permutation,give its inverse mapping in the form of Boolean function expression through the truth table of χ. By means of the inverse mappings of ρ,π and χ,a differential attack on SHA- 3 can be implemented using the meet- in- the- middle thought. In addition,by using the message modification technique,the differential path can be through χ^-1with probability 1,thus greatly improving the success probability of the attack.