Related-Key Rectangle Attack of the Full HAS-160 Encryption Mode
نویسندگان
چکیده
In this paper we investigate the security of the compression function of HAS-160 in encryption mode. The structure of HAS-160 is similar to SHA-1 besides some modifications.This is the first cryptographic attack that breaks the encryption mode of the full 80-round HAS-160. We apply a key recovery attack that requires 2 chosen plaintexts and 2 80-round HAS-160 encryptions. The attack does not aim for a collision, preimage or 2nd-preimage attack, but it shows that HAS-160’s compression function used as a block cipher is not an ideal cipher.
منابع مشابه
Related-Key Rectangle Attack of the Full 80-Round HAS-160 Encryption Mode
In this paper we investigate the security of the encryption mode of the HAS-160 hash function. HAS-160 is a Korean hash standard which is widely used in Korea’s industry. The structure of HAS-160 is similar to SHA-1 but includes some improvements. The encryption mode of HAS-160 is defined similarly as the encryption mode of SHA-1 that is called SHACAL-1. In 2006, Dunkelman et. al. [10] successf...
متن کاملCombined Differential, Linear and Related-Key Attacks on Block Ciphers and MAC Algorithms
Differential and linear attacks are the most widely used cryptanalytic tools to evaluate the security of symmetric-key cryptography. Since the introduction of differential and linear attacks in the early 1990’s, various variants of these attacks have been proposed such as the truncated differential attack, the impossible differential attack, the square attack, the boomerang attack, the rectangl...
متن کاملRelated-key rectangle cryptanalysis of Rijndael-160 and Rijndael-192
In this paper we present the first related-key rectangle cryptanalysis of Rijndael-160/160 and Rijndael-192/192. Our attack on Rijndael-160/160 covers eight rounds. The attack complexities are 2 chosen plaintexts, 2 8-round Rijndael-160/160 encryptions and 2 bytes. Our attack on Rijndael-192/192 covers ten rounds. It requires 2 chosen plaintexts, 2 10-round Rijndael192/192 encryptions and 2 byt...
متن کاملA Related-Key Rectangle Attack on the Full KASUMI
KASUMI is an 8-round Feistel block cipher used in the confidentiality and the integrity algorithms of the 3GPP mobile communications. As more and more 3GPP networks are being deployed, more and more users use KASUMI to protect their privacy. Previously known attacks on KASUMI can break up to 6 out of the 8 rounds faster than exhaustive key search, and no attacks on the full KASUMI have been pub...
متن کاملImpossible Differential Cryptanalysis on Deoxys-BC-256
Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round...
متن کامل