منابع مشابه
Biclique Cryptanalysis of Full Round AES-128 Based Hashing Modes
In this work, we revisit the security analysis of AES-128 instantiated hash modes. We use biclique cryptanalysis technique as our basis for the attack. The traditional biclique approach used for key recovery in AES (and preimage search in AES based compression function) cannot be applied directly to hash function settings due to restrictions imposed on message input due to padding. Under this c...
متن کاملImproved Cryptanalysis of Reduced RIPEMD-160
In this article, we propose an improved cryptanalysis of the double-branch hash function standard RIPEMD-160. Using a carefully designed non-linear path search tool, we study the potential differential paths that can be constructed from a difference in a single message word and show that some of these message words can lead to very good differential path candidates. Leveraging the recent freedo...
متن کاملCryptanalysis of LILI-128
LILI-128 is a stream cipher that was submitted to NESSIE. Strangely, the designers do not really seem to have tried to ensure that cryptanalysis is no easier than by exhaustive key search. We show that there are indeed attacks faster than exhaustive key search. We also demonstrate a related key attack which has very low complexity, and which could be of practical significance if the cipher were...
متن کامل2-Dimension Sums: Distinguishers Beyond Three Rounds of RIPEMD-128 and RIPEMD-160
This paper presents differential-based distinguishers against ISO standard hash functions RIPEMD-128 and RIPEMD-160. The compression functions of RIPEMD-128/-160 adopt the doublebranch structure, which updates a chaining variable by computing two functions and merging their outputs. Due to the double size of the internal state and difficulties of controlling two functions simultaneously, only f...
متن کاملCryptanalysis of Achterbahn-128/80
This paper presents two key-recovery attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn80, has complexity 2. The attack against Achterbahn-128 requires 2 operations and 2 keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against Achterb...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Cryptology
سال: 2015
ISSN: 0933-2790,1432-1378
DOI: 10.1007/s00145-015-9213-5