Near-Collision Attack on the Step-Reduced Compression Function of Skein-256
نویسندگان
چکیده
The Hash function Skein is one of the 5 finalists of NIST SHA-3 competition. It is designed based on the threefish block cipher and it only uses three primitive operations: modular addition, rotation and bitwise XOR (ARX). In this paper, we combine two short differential paths to a long differential path using the modular differential technique. And we present the semi-free start near-collision attack up to the 32-step Skein-256 with the Hamming difference 51. The complexity of our attack is about 2.
منابع مشابه
Partial-Collision Attack on the Round-Reduced Compression Function of Skein-256
The hash function Skein is one of 5 finalists of the NIST SHA-3 competition. It is based on the block cipher Threefish which only uses three primitive operations: modular addition, rotation and bitwise XOR (ARX). This paper proposes a free-start partial-collision attack on round-reduced Skein-256 by combing the rebound attack with the modular differential techniques. The main idea of our attack...
متن کاملNear-Collisions on the Reduced-Round Compression Functions of Skein and BLAKE
The SHA-3 competition organized by NIST [1] aims to find a new hash standard as a replacement of SHA-2. Till now, 14 submissions have been selected as the second round candidates, including Skein and BLAKE, both of which have components based on modular addition, rotation and bitwise XOR (ARX). In this paper, we propose improved near-collision attacks on the reduced-round compression functions ...
متن کاملCollisions and Other Non-random Properties for Step-Reduced SHA-256
We study the security of step-reduced but otherwise unmodified SHA-256. We show the first collision attacks on SHA-256 reduced to 23 and 24 steps with complexities 2 and 2, respectively. We give example colliding message pairs for 23-step and 24-step SHA-256. The best previous, recently obtained result was a collision attack for up to 22 steps. We extend our attacks to 23 and 24-step reduced SH...
متن کاملConverting Meet-In-The-Middle Preimage Attack into Pseudo Collision Attack: Application to SHA-2
In this paper, we present a new technique to construct a collision attack from a particular preimage attack which is called a partial target preimage attack. Since most of the recent meet-in-the-middle preimage attacks can be regarded as the partial target preimage attack, a collision attack is derived from the meet-in-the-middle preimage attack. By using our technique, pseudo collisions of the...
متن کاملCryptanalysis of the Compression Function of SIMD
SIMD is one of the second round candidates of the SHA3 competition hosted by NIST. In this paper, we present some results on the compression function of SIMD 1.1 (the tweaked version) using the modular difference method. For SIMD-256, We give a free-start near collision attack on the compression function reduced to 20 steps with complexity 2−107. And for SIMD-512, we give a free-start near coll...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011