Preimage Attack on Hashing with Polynomials proposed at ICISC'06

Author

  • Donghoon Chang
Abstract

In this paper, we suggest a preimage attack on Hashing with Polynomials [2]. The algorithm has an n-bit hash output and an n-bit intermediate state (for example, n = 163). The algorithm is very simple and light, so it can be implemented in low-memory environments. Our attack is based on the meet-in-the-middle attack. We show that we can find a preimage with the time complexity 2 + 2 ∗ (n+1/33) and the memory 2 even though the recursive formula H uses any f whose each term’s degree in terms of x is 2 for a non-negative integer a. We recommend that hash functions such as Hashing with Polynomials should have an intermediate state size at least two times bigger than the output size.


Similar resources

Preimage Attack on Parallel FFT-Hashing

Parallel FFT-Hashing was designed by C. P. Schnorr and S. Vaudenay in 1993. The function is a simple and light weight hash algorithm with 128-bit digest. Its basic component is a multi-permutation which helps in proving its resistance to collision attacks. In this work we show a preimage attack on Parallel FFT-Hashing with complexity 2 + 2 and memory 2 which is less than the generic complexity ...


Preimage Attacks On Provably Secure FFT Hashing proposed at Second Hash Workshop in 2006

‘Provably Secure FFT Hashing’ (We call FFT-Hash in this paper) was suggested by Lyubashevsky et al. in Second Hash Workshop in Aug. 2006. This paper shows preimage attacks on hash functions based on three modes of FFT-Hash. In case of ‘Nano’ whose output size is 513 bits, we can find a preimage with complexity 2. In case of ‘Mini’ whose output size is 1025 bits, we can find a preimage with com...


An Investigation of the Enhanced Target Collision Resistance Property for Hash Functions

We revisit the enhanced target collision resistance (eTCR) property as a newly emerged notion of security for dedicated-key hash functions, which has been put forth by Halevi and Krawczyk at CRYPTO’06, in conjunction with the Randomized Hashing mode to achieve this property. Our contribution is twofold. Firstly, we provide a full picture of the relationships between eTCR and each of the seven s...


Hashing with Polynomials

In this paper, we explore potential mathematical principles and structures that can provide the foundation for cryptographic hash functions, and also present a simple and efficiently computable hash function based on a non-associative operation with polynomials over a finite field of characteristic 2.


Meet-in-the-Middle Preimage Attacks on AES Hashing Modes and an Application to Whirlpool

We study the security of AES in the open-key setting by showing an analysis on hash function modes instantiating AES including Davies-Meyer, Matyas-Meyer-Oseas, and Miyaguchi-Preneel modes. In particular, we propose preimage attacks on these constructions, while most of previous work focused their attention on collision attacks or distinguishers using non-ideal differential properties. This res...



Journal title:
  • IACR Cryptology ePrint Archive

Volume 2006  Issue 

Pages  -

Publication date 2006