The paper is available on the IACR ePrint Archive and can be cited using the following bibtex record.
@inproceedings{sacrypt/NagelerSE25,
author = {Marcel Nageler and Lorenz Schmid and Maria Eichlseder},
title = {Preimage-Type Attacks for Reduced {Ascon}-Hash: Application to {Ed25519}},
booktitle = {{SAC} 2025},
xeditor = {Christina Boura and Atefeh Mashatan and Ali Miri},
series = {LNCS},
volume = {16207},
pages = {3--25},
publisher = {Springer},
year = {2025},
doi = {10.1007/978-3-032-10536-3_1},
biburl = {https://dblp.org/rec/conf/sacrypt/NagelerSE25.bib},
xurl = {https://doi.org/10.1007/978-3-032-10536-3_1},
}You can find the code to prepare the internal state (Section 4.2) in
linearized_ascon/experiment_initial_conditions.py
You can find the code to find a random-prefix-preimage based on a prepared internal state (Section 4.3) in
linearized_ascon/experiment_more_solutions.py(Python version)fast_linearized_ascon(optimized C++ version)