This paper describes an improved preimage attack on the cryptographic hash function MD2. The attack has complexity equivalent to about 2 evaluations of the MD2 compression function. This is to be compared with the previous best known preimage attack, which has complexity about 2.

We provide the first proof of security for Tandem-DM, one of the oldest and most well-known constructions for turning a block cipher with n-bit block length and 2n-bit key length into a 2n-bit cryptographic hash function. We prove, that when Tandem-DM is instantiated with AES-256, block length 128 bits and key length 256 bits, any adversary that asks less than 2 queries cannot find a collision ...

In this note, we describe attacks on the recently proposed Haraka hash functions. First, for the two hash functions Haraka-256/256 and Haraka-512/256 in the family, we show how two colliding messages can be constructed in about 216 function evaluations. Second, we invalidate the preimage security claim for Haraka-512/256 with an attack finding one preimage in about 2192 function evaluations. Th...

The cryptographic hash function Grøstl is a finalist in the NIST’s SHA-3 hash function competition and it is a tweaked variant of its predecessor called Grøstl-0, a second round SHA-3 candidate. In this article, we consider 256-bit Grøstl-0 and its 512-bit compression function. We show that internal differential trails built between the two almost similar looking permutations of the compression...

Vortex is a new family of one-way hash functions which has been submitted to the NIST SHA-3 competition. Its design is based on using the Rijndael block cipher round as a building block, and using a multiplication-based merging function to support fast mixing in a small number of steps. Vortex is designed to be a fast hash function, when running on a processor that has AES acceleration and has ...

A generalization of the Schwarz-Christoffel mapping to multiply connected polygonal domains is obtained by making a combined use of two preimage domains, namely, a rectilinear slit domain and a bounded circular domain. The conformal mapping from the circular domain to the polygonal region is written as an indefinite integral whose integrand consists of a product of powers of the Schottky-Klein ...