Two Attacks on RadioGatún
نویسنده
چکیده
We investigate the security of the hash function design called RadioGatún in a recently proposed framework of sponge functions. We show that previously introduced symmetric trails can hardly be used to construct collisions and to find a second preimage efficiently. As a generalization of truncated differentials, trails with linear and non-linear restrictions on differences are proposed. We use these trails to find semifree-start collisions and second preimages with the meet-in-the middle approach and the complexity in the gap between claimed security level and the birthday bound. We also provide some observations on lower bounds on the complexity of our methods with respect to the length of the trail used. This is the best attack on RadioGatún.
منابع مشابه
Hash Function Designs Based on Stream Ciphers
Hash functions are fundamental components of many cryptographic applications. Due to the recent attacks on classical designs, alternative design approaches are proposed. In this paper, we give a survey for hash function constructions based stream ciphers mainly concentrating on Panama, RadioGatún and RC4-hash. Also, we propose an example hash function Dragon-Hash based on the stream cipher Dragon.
متن کاملAnalysis of the Collision Resistance of RadioGatúnUsing Algebraic Techniques
In this paper, we present some preliminary results on the security of the RadioGatún hash function. RadioGatún has an internal state of 58 words, and is parameterized by the word size, from one to 64 bits. We mostly study the one-bit version of RadioGatún since according to the authors, attacks on this version also affect the reasonably-sized versions. On this toy version, we revisit the claims...
متن کاملSlide Attacks on a Class of Hash Functions
This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery at...
متن کاملCryptanalysis and design of symmetric primitives
This thesis focuses on the cryptanalysis and the design of block ciphers and hash functions. The thesis starts with an overview of methods for cryptanalysis of block ciphers which are based on differential cryptanalysis. We explain these concepts and also several combinations of these attacks. We propose new attacks on reduced versions of ARIA and AES. Furthermore, we analyze the strength of th...
متن کاملHardware evaluation of the stream cipher-based hash functions RadioGatún and irRUPT
In the next years, new hash function candidates will replace the old MD5 and SHA-1 standards and the current SHA-2 family. The hash algorithms RadioGatún and irRUPT are potential successors based on a stream structure, which allows the achievement of high throughputs (particularly with long input messages) with minimal area occupation. In this paper, several hardware architectures of the two ab...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008