Collisions for two branches of FORK-256
نویسندگان
چکیده
This note presents analysis of the compression function of a recently proposed hash function, FORK-256. We exhibit some unexpected differentials existing for the step transformation and show their possible uses in collision-finding attacks on different simplified variants of FORK-256. Finally, as a concrete application of those observations we present a method of finding chosen IV collisions for a variant of FORK256 reduced to two branches : either 1 and 2 or 3 and 4. Version: 1.1, last modified: 27 Sept 2006
منابع مشابه
Weaknesses of the FORK-256 compression function
This report presents analysis of the compression function of a recently proposed hash function, FORK-256. We exhibit some unexpected differentials existing for the step transformation and show their possible uses in collision-finding attacks on different variants of FORK256. As a simple application of those observations we present a method of finding chosen IV collisions for a variant of FORK-2...
متن کاملExtending FORK-256 Attack to the Full Hash Function
In a paper published in FSE 2007, a way of obtaining nearcollisions and in theory also collisions for the FORK-256 hash function was presented [8]. The paper contained examples of near-collisions for the compression function, but in practice the attack could not be extended to the full function due to large memory requirements and computation time. In this paper we improve the attack and show t...
متن کاملCryptanalysis of FORK-256
In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with com...
متن کاملJERIM-320: A new 320-Bit Hash Function Compared to Hash Functions with Parallel Branches
This paper describes JERIM-320, a new 320-bit hash function used for ensuring message integrity and details a comparison with popular hash functions of similar design. JERIM-320 and FORK -256 operate on four parallel lines of message processing while RIPEMD-320 operates on two parallel lines. Popular hash functions like MD5 and SHA-1 use serial successive iteration for designing compression fun...
متن کاملCryptanalysis of Reduced Variants of the FORK-256 Hash Function
FORK-256 is a hash function presented at FSE 2006.Whereas SHA-like designs process messages in one stream, FORK-256 uses four parallel streams for hashing. In this article, we present the first cryptanalytic results on this design strategy. First, we study a linearized variant of FORK-256, and show several unusual properties of this linearized variant. We also explain why the linearized model c...
متن کامل