The TIB3-256 hashing algorithm [3] is a first round candidate in the SHA-3 competition [2]. Properties of the message expansion and the PHTX function are observed, and then exploited to create new high-probability differential paths through the compression function. Examples conforming to the differential paths are presented. Only one of these differential paths can be applied to the tweaked ve...

We analyse two new and related families of one-way authentication protocols, where a party wants to authenticate its public information to another. In the first, the objective is to do without shared passwords or a PKI, making use of low-bandwidth empirical/authentic channels where messages cannot be faked or modified. The analysis of these leads to a new security principle, termed separation o...

At the ECRYPT Hash Workshop 2007, Finiasz, Gaborit, and Sendrier proposed an improved version of a previous provably secure syndrome-based hash function. The main innovation of the new design is the use of a quasi-cyclic code in order to have a shorter description and to lower the memory usage. In this paper, we look at the security implications of using a quasi-cyclic code. We show that this v...

In a recent paper, Lucks espoused a “failure-friendly” approach to hash function design [12]. We expand on this idea in two main ways. First of all, we consider the notion of a weak ideal compression function, which is vulnerable to strong forms of attack, but is otherwise random. We show that such weak ideal compression functions can be used to create secure hash functions, thereby giving a de...

In this paper, we identify higher-order differential and zero-sum properties in the full Keccak-f permutation, in the Luffa v1 hash function, and in components of the Luffa v2 algorithm. These structural properties rely on a new bound on the degree of iterated permutations with a nonlinear layer composed of parallel applications of smaller balanced Sboxes. These techniques yield zero-sum partit...

In this article, it is discussed how to construct a compression function with 2n-bit output using a component function with n-bit output. The component function is either a smaller compression function or a block cipher. Some constructions are presented which compose collision-resistant hash functions: Any collision-finding attack on them is at most as efficient as a birthday attack in the rand...

DHA-256 (Double Hash Algorithm) was proposed at the Cryptographic Hash Workshop hosted by NIST in November 2005. DHA-256 is a dedicated hash function with output length of 256 bits and 64 steps of operations designed to enhance SHA-256 security. In this paper, we show two attacks on reduced DHA-256. The first attack finds one-block second preimage and preimage of 26-step DHA-256 with time compl...

DHA-256 (Double Hash Algorithm) was proposed at the Cryptographic Hash Workshop hosted by NIST in November 2005. DHA-256 is a dedicated hash function with output length of 256 bits and 64 steps of operations designed to enhance SHA-256 security. In this paper, we show an attack on 35-step DHA-256. The attack finds pseudo-preimage and preimage of 35-step DHA-256 with the time complexity of 2 and...

Many different approaches for neural network based hash functions have been proposed. Statistical analysis must correlate security of them. This paper proposes novel neural hashing approach for gray scale image authentication. The suggested system is rapid, robust, useful and secure. Proposed hash function generates hash values using neural network one-way property and non-linear techniques. As...

CubeHash is one of the round 2 candidates of the public SHA-3 competition hosted by NIST. It was designed by Bernstein. In this paper we find a new distinguisher to distinguish CubeHash compression function from a random function. This distinguisher principle is based on rotational analysis that formally introduced by Khovratovich and Nikolic. In order to use this technique, we need to compute ...