In this work, we present several new generic second-preimage attacks on hash functions. Our first attack is based on the herding attack and applies to various Merkle-Damgard-based iterative hash functions. Compared to the previously known long-message second-preimage attacks, our attack offers ...
This paper proposes a preimage attack on SM3 hash function reduced to 30 steps. SM3 is an iterated hash function based on the Merkle-Damgrd design. It is a hash function used in applications such as the electronic certification service system in China. Our cryptanalysis is based on the Meet...
Preimage attackGOST R 34.11-2012StribogSummary: In August 2012, the Stribog hash function was selected as the new Russian cryptographic hash standard (GOST R 34.11-2012). Stribog employs twelve rounds of an AES-based compression function operating in Miyaguchi-Preneel mode. In this paper, we ...
17 -- 24:00 App [FSE 2022] - Fake Near Collisions Attack 34 -- 24:43 App [FSE 2022] - Provably Quantum-Secure Tweakable Block Ciphers 112 -- 50:51 App 【Chainlink 2021秋季黑客松】使用EVM Opcodes认识并控制智能合约 1万 73 22:17 App 【SM3加密算法】|密码杂凑算法 | Hash算法 | 密码...
Such hash function is needed to process a challenge, a message, an identifier or a private key. In this paper, we propose an attack against HAVAL-3 hash function, which is used in open source Tripwire and is included in GNU Crypto. Under the meet-in-the-middle (MITM) preimage attack ...
This research is based on the motivation that we should evaluate classical and important security notions for hash functions and avoid complicated attack models that seem to have little relevance in practice. We apply a recently developed meet-in-the-middle preimage approach. As a result, we ...
This paper contains several attacks on the hash function MD2 which has a hash code size of 128 bits. At Asiacrypt 2004 Muller presents the first known preimage attack on MD2. The time complexity of the attack is about 2 104 and the prei... LR Knudsen,JE Mathiassen - Springer Berlin Heid...
Summary: In this paper, generic attacks are presented against hash functions that are constructed by a hashing mode instantiating a Feistel or generalized Feistel networks with an SP-round function. It is observed that the omission of the network twist in the last round can be a weakness against...
This paper proposes new attacks against reduced SHA-0 and SHA-1 hash functions by analyzing a message schedule that does not consist of permutations but linear combinations of message words. The newly developed cryptanalytic techniques enable the meet-in-the-middle attack to be applied to reduced ...
In any attack, the maximum number of attacked rounds is 7. On the other hand, block ciphers are sometimes used as hash functions through mode-of-operations. For example, if one needs both a block-cipher and a hash function in a resource-restricted environment such as RFID Tag, only a ...