Cryptanalysis of the Compression Function of SIMD
نویسندگان
چکیده
SIMD is one of the second round candidates of the SHA3 competition hosted by NIST. In this paper, we present some results on the compression function of SIMD 1.1 (the tweaked version) using the modular difference method. For SIMD-256, We give a free-start near collision attack on the compression function reduced to 20 steps with complexity 2−107. And for SIMD-512, we give a free-start near collision attack on the 24-step compression function with complexity 2. Furthermore, we give a distinguisher attack on the full compression function of SIMD-512 with complexity 2. Our attacks are also applicable for the final compression function of SIMD.
منابع مشابه
A Distinguisher for the Compression Function of SIMD-512
SIMD is one of the round 2 candidates of the public SHA-3 competition hosted by NIST. It was designed by Leurent et al.. In this paper, we present a distinguisher attack on the compression function of SIMD-512. By linearizing the compression function we construct a linear code. Using techniques from coding theory to search for low Hamming weight codewords, we can find differential characteristi...
متن کاملRevisiting the IDEA Philosophy
Since almost two decades, the block cipher IDEA has resisted an exceptional number of cryptanalysis attempts. At the time of writing, the best published attack works against 6 out of the 8.5 rounds (in the non-related-key attacks model), employs almost the whole codebook, and improves the complexity of an exhaustive key search by a factor of only two. In a parallel way, Lipmaa demonstrated that...
متن کاملFast keyed hash/pseudo-random function using SIMD multiply and permute
HighwayHash is a new pseudo-random function based on AVX2 multiply and permute instructions for thorough and fast hashing. It is 3.8 times as fast as SipHash for 1 KB inputs. An open-source implementation is available under a permissive license. We discuss design choices and provide statistical analysis, speed measurements and preliminary cryptanalysis. Assuming it withstands further analysis, ...
متن کاملSecurity Analysis of SIMD
In this paper we study the security of the SHA-3 candidate SIMD. We first show a new free-start distinguisher based on symmetry relations. It allows to distinguish the compression function of SIMD from a random function with a single evaluation. However, we also show that this property is very hard to exploit to mount any attack on the hash function because of the mode of operation of the compr...
متن کاملBoomerang Distinguisher for the SIMD-512 Compression Function
In this paper, we present a distinguisher for the permutation of SIMD-512 with complexity 2. We extend the attack to a distinguisher for the compression function with complexity 2. The attack is based on the application of the boomerang attack for hash functions. Starting from the middle of the compression function we use techniques from coding theory to search for two differential characterist...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010