Rebound Attacks on Stribog
نویسندگان
چکیده
In August 2012, the Stribog hash function was selected as the new Russian hash standard (GOST R 34.11-2012). Stribog is an AES-based primitive and is considered as an asymmetric reply to the new SHA-3. In this paper we investigate the collision resistance of the Stribog compression function and its internal cipher. Specifically, we present a message differential path for the internal block cipher that allows us to efficiently obtain a 5-round free-start collision and a 7.75 free-start near collision for the internal cipher with complexities 2 and 2, respectively. Finally, the compression function is analyzed and a 7.75 round semi free-start collision, 8.75 and 9.75 round semi free-start near collisions are presented along with an example for 4.75 round 49 out of 64 bytes near colliding message pair.
منابع مشابه
Preimage Attacks on Reduced-Round Stribog
In August 2012, the Stribog hash function was selected as the new Russian cryptographic hash standard (GOST R 34.11-2012). Stribog employs twelve rounds of an AES-based compression function operating in Miyaguchi-Preneel mode. In this paper, we investigate the preimage resistance of the Stribog hash function. Specifically, we apply a meet in the middle preimage attack on the compression functio...
متن کاملHow to Improve Rebound Attacks
Rebound attacks are a state-of-the-art analysis method for hash functions. These cryptanalysis methods are based on a well chosen differential path and have been applied to several hash functions from the SHA-3 competition, providing the best known analysis in these cases. In this paper we study rebound attacks in detail and find for a large number of cases that the complexities of existing att...
متن کاملProphylactic Activity of Cyproheptadine and Bellergal on Migraine Headache
Background: A wide range of preventive medications for migraine attacks, with varying efficacy is currently in use. Studies comparing the efficacies of these drugs would be of value in the proper treatment of the disease. The present study compared the frequency, duration and intensity of migraine attacks during and following treatment with cyproheptadine (4 mg, twice daily) or Blellergal (bell...
متن کاملAnalysis of the Kupyna-256 Hash Function
The hash function Kupyna was recently published as the Ukrainian standard DSTU 7564:2014. It is structurally very similar to the SHA-3 finalist Grøstl, but differs in details of the round transformations. Most notably, some of the round constants are added with a modular addition, rather than bitwise xor. This change prevents a straightforward application of some recent attacks, in particular o...
متن کاملDouble-SP Is Weaker Than Single-SP: Rebound Attacks on Feistel Ciphers with Several Rounds
1 Research Summary Comparing the security of single-SP and double-SP round functions on the generalized Feistel. – Assumption: an infinite number of rounds – Results: double-SP causes more active S-boxes than single-SP, and thus double-SP is more secure. – Motivation: a number of rounds is small in practice. – Results: For 6 or 7 rounds, the rebound attack works more for double-SP than single-SP.
متن کامل