In this paper, we analyze the security of round-reduced versions of the Keccak hash function family. Based on the work pioneered by Aumasson and Meier, and Dinur et al., we formalize and develop a technique named linear structure, which allows linearization of the underlying permutation of Keccak for up to 3 rounds with large number of variable spaces. As a direct application, it extends the be...

The paper discusses the security of compression function and hash function with Merkle-Damg̊ard construction and provides the complexity bound of finding a collision and primage of hash function based on the condition probability of compression function y = F (x, k). we make a conclusion that in Merkle-Dammåard construction, the requirement of free start collision resistant and free start collis...

LUX is a new hash function submitted to NIST’s SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The freestart preimage attack has complexity of about 2 and requires...

Let M”= F-'(m,) be the preimage of the monomial symmetric function m, under F. We give an interpretation of M” in terms of certain combinatorial structures called I-domino tabloids. Using this interpretation, a number of properties of M” can be derived. The combinatorial interpretation of the preimage of the so called forgotten basis of Doubilet and Rota can also be obtained by similar techniques.

CellHash [3] and SubHash [4] were suggested by J. Daemen, R. Govaerts and J. Vandewalle in 1991 and 1992. SubHash is an improved version from CellHash. They have 257-bit internal state and 256-bit hash output. In this paper, we show a preimage attack on CellHash (SubHash) with the complexity 2 and the memory 2 for any t (with the complexity about 2 and the memory size 2). Even though we modify ...

One of the key topics in robot reasoning is motion planning. Most of the research in this domain has focused on the topological and geometrical problem of finding a collision-free path connecting two configurations of the robot among obstacles, by assuming complete and accurate prior knowledge of the robot workspace and perfect control of the robot. But there exists a variety of robot operation...

The authors consider the problem of determining robot motion plans under sensing and control uncertainties. Traditional approaches are often based on methodology known as preimage planning, which involves worst-case analysis. The authors have developed a general framework for determining feedback strategies by blending ideas from stochastic optimal control and dynamic game theory with tradition...

In this paper, we present preimage attacks on up to 43step SHA-256 (around 67% of the total 64 steps) and 46-step SHA-512 (around 57.5% of the total 80 steps), which significantly increases the number of attacked steps compared to the best previously published preimage attack working for 24 steps. The time complexities are 2, 2 for finding pseudo-preimages and 2, 2 compression function operatio...