Cryptanalysis of MDC-2
نویسندگان
چکیده
We provide a collision attack and preimage attacks on the MDC-2 construction, which is a method (dating back to 1988) of turning an n-bit block cipher into a 2n-bit hash function. The collision attack is the first below the birthday bound to be described for MDC-2 and, with n = 128, it has complexity 2, which is to be compared to the birthday attack having complexity 2. The preimage attacks constitute new time/memory trade-offs; the most efficient attack requires time and space about 2, which is to be compared to the previous best known preimage attack of Lai and Massey (Eurocrypt ’92), having time complexity 2 and space complexity 2, and to a brute force preimage attack having complexity 2.
منابع مشابه
New Preimage Attack on MDC-4
In this paper, we provide some cryptanalytic results for double-blocklength (DBL) hash modes of block ciphers, MDC-4. Our preimage attacks follow the framework of Knudsen et al.’s time/memory tradeoff preimage attack on MDC-2. We find how to apply it to our objects. When the block length of the underlying block cipher is n bits, the most efficient preimage attack on MDC-4 requires time and spac...
متن کاملCryptanalysis of Block Ciphers Based on SHA-1 and MD5
We cryptanalyse some block cipher proposals that are based on dedicated hash functions SHA-1 and MD5. We discuss a related-key attack against SHACAL-1 and present a method for finding “slid pairs” for it. We also present simple attacks against MDC-MD5 and the Kaliski-Robshaw block cipher.
متن کاملA new method for accelerating impossible differential cryptanalysis and its application on LBlock
Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...
متن کاملImpossible Differential Cryptanalysis on Deoxys-BC-256
Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round...
متن کاملEffect of batch vs. continuous mode of operation on microbial desalination cell performance treating municipal wastewater
Microbial desalination cells (MDCs) have great potential as a cost-effective and green technology for simultaneous water desalination, organic matter removal and energy production. The aim of this study was to compare the performance of a MDC under batch and continuous feeding conditions. Hence, power and current output, coulombic efficiency, electron harvest rate, desalination rate and COD re...
متن کامل