Exploiting Weak Diffusion of Gimli: Improved Distinguishers and Preimage Attacks
نویسندگان
چکیده
منابع مشابه
On quantum preimage attacks
We propose a preimage attack against cryptographic hash functions based on the speedup enabled by quantum computing. Preimage resistance is a fundamental property cryptographic hash functions must possess. The motivation behind this work relies in the lack of conventional attacks against newly introduced hash schemes such as the recently elected SHA-3 standard. The proposed algorithm consists o...
متن کاملPreimage and Collision Attacks on MD2
This paper contains several attacks on the hash function MD2 which has a hash code size of 128 bits. At Asiacrypt 2004 Muller presents the first known preimage attack on MD2. The time complexity of the attack is about 2 and the preimages consist always of 128 blocks. We present a preimage attack of complexity about 2 with the further advantage that the preimages are of variable lengths. Moreove...
متن کاملImproved distinguishers for HC-128
HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC128 paper. In this paper we first argue that the keystream requirement in Wu’s original attack is underestimated by a fact...
متن کاملQuantum Preimage and Collision Attacks on CubeHash
In this paper we show a quantum preimage attack on CubeHash-512-normal with complexity 2. This kind of attack is expected to cost 2 for a good 512-bit hash function, and we argue that this violates the expected security of CubeHash. The preimage attack can also be used as a collision attack, given that a generic quantum collision attack on a 512-bit hash function require 2 operations, as explai...
متن کاملPreimage Attacks on Reduced-Round Stribog
In August 2012, the Stribog hash function was selected as the new Russian cryptographic hash standard (GOST R 34.11-2012). Stribog employs twelve rounds of an AES-based compression function operating in Miyaguchi-Preneel mode. In this paper, we investigate the preimage resistance of the Stribog hash function. Specifically, we apply a meet in the middle preimage attack on the compression functio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IACR Transactions on Symmetric Cryptology
سال: 2021
ISSN: 2519-173X
DOI: 10.46586/tosc.v2021.i1.185-216