Cryptanalysis of Dynamic SHA(2)
نویسندگان
چکیده
In this paper, we analyze the hash functions Dynamic SHA and Dynamic SHA2, which have been selected as first round candidates in the NIST hash function competition. These hash functions rely heavily on data-dependent rotations, similar to certain block ciphers, e.g., RC5. Our analysis suggests that in the case of hash functions, where the attacker has more control over the rotations, this approach is less favorable than in block ciphers. We present practical, or close to practical, collision attacks on both Dynamic SHA and Dynamic SHA2. Moreover, we present a preimage attack on Dynamic SHA that is faster than exhaustive search.
منابع مشابه
Higher Order Differential Cryptanalysis on the SHA-3 Cryptographic Hash Algorithm Competition Candidates
SHA-3 Cryptographic Hash Algorithm Competition is a competition raised by NIST in response to recent advances of cryptanalysis, aiming at selecting new hash algorithm instead of SHA-2 like AES selection. The compression function of a hash function could be written in the form of multivariate boolean function. In this paper, we introduce our algorithms of evaluating boolean function and applied ...
متن کاملPseudo-cryptanalysis of Blue Midnight Wish
We describe pseudo-collision and pseudo-(second) preimage attacks on the SHA-3 candidate Blue Midnight Wish. The complexity of the pseudo-collision attack is around 2, and the complexity of the pseudo-(second) preimage attack is around 2.
متن کاملAnalysis of SHA-512/224 and SHA-512/256
In 2012, NIST standardized SHA-512/224 and SHA-512/256, two truncated variants of SHA-512, in FIPS 180-4. These two hash functions are faster than SHA-224 and SHA-256 on 64-bit platforms, while maintaining the same hash size and claimed security level. So far, no third-party analysis of SHA-512/224 or SHA-512/256 has been published. In this work, we examine the collision resistance of step-redu...
متن کاملBicliques for Preimages: Attacks on Skein-512 and the SHA-2 Family
We present a new concept of biclique as a tool for preimage attacks, which employs many powerful techniques from differential cryptanalysis of block ciphers and hash functions. The new tool has proved to be widely applicable by inspiring many authors to publish new results of the full versions of AES, KASUMI, IDEA, and Square. In this paper, we show how our concept leads to the first cryptanaly...
متن کاملAlgebraic Cryptanalysis of 58-Round SHA-1
In 2004, a new attack against SHA-1 has been proposed by a team leaded by Wang [15]. The aim of this article is to sophisticate and improve Wang’s attack by using algebraic techniques. We introduce new notions, namely semi-neutral bit and adjuster and propose then an improved message modification technique based on algebraic techniques. In the case of the 58-round SHA-1, the experimental comple...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009