Cryptanalysis of RadioGatún
نویسندگان
چکیده
In this paper we study the security of the RadioGatún family of hash functions, and more precisely the collision resistance of this proposal. We show that it is possible to find differential paths with acceptable probability of success. Then, by using the freedom degrees available from the incoming message words, we provide a significant improvement over the best previously known cryptanalysis. As a proof of concept, we provide a colliding pair of messages for RadioGatún with 2-bit words. We finally argue that, under some light assumption, our technique is very likely to provide the first collision attack on RadioGatún.
منابع مشابه
Two Attacks on RadioGatún
We investigate the security of the hash function design called RadioGatún in a recently proposed framework of sponge functions. We show that previously introduced symmetric trails can hardly be used to construct collisions and to find a second preimage efficiently. As a generalization of truncated differentials, trails with linear and non-linear restrictions on differences are proposed. We use ...
متن کاملCryptanalysis and design of symmetric primitives
This thesis focuses on the cryptanalysis and the design of block ciphers and hash functions. The thesis starts with an overview of methods for cryptanalysis of block ciphers which are based on differential cryptanalysis. We explain these concepts and also several combinations of these attacks. We propose new attacks on reduced versions of ARIA and AES. Furthermore, we analyze the strength of th...
متن کاملConception, preuves et analyse de fonctions de hachage cryptographiques. (Design, security proofs and cryptanalysis of cryptographic hash functions)
This Thesis focuses on hash functions, which are used in numerous cryptographic mechanisms. We present various results, that belong to the fields of design and security analysis of hash functions. In the first part we introduce the field of hash functions. We describe how they are used in cryptography, and how to formalize security notions that guarantee their robustness in their various use ca...
متن کاملSlide Attacks on a Class of Hash Functions
This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery at...
متن کاملThe Road from Panama to Keccak via RadioGatún
In this paper, we explain the design choices of Panama [8] and RadioGatún [1], which lead to Keccak [3]. After a brief recall of Panama, RadioGatún and the trail backtracking cost, we focus on three important aspects. First, we explain the role of the belt in the light of differential trails. Second, we discuss the relative advantages of a block mode hash function compared to a stream mode one....
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008