Institutional Repository
| (pseudo) preimage attack on round-reduced grstl hash function and others | |
| Wu Shuang; Feng Dengguo; Wu Wenling; Guo Jian; Dong Le; Zou Jian | |
| 2012 | |
| Conference Name | 19th International Workshop on Fast Software Encryption, FSE 2012 |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 127-145 |
| Conference Date | March 19, 2012 - March 21, 2012 |
| Conference Place | Washington, DC, United states |
| Indexed Type | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642340468 |
| Department | (1) State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences China; (2) Institute for Infocomm Research Singapore Singapore |
| English Abstract | The Grøstl hash function is one of the 5 final round candidates of the SHA-3 competition hosted by NIST. In this paper, we study the preimage resistance of the Grøstl hash function. We propose pseudo preimage attacks on Grøstl hash function for both 256-bit and 512-bit versions, i.e., we need to choose the initial value in order to invert the hash function. Pseudo preimage attack on 5(out of 10)-round Grøstl-256 has a complexity of (2244.85,2230.13) (in time and memory) and pseudo preimage attack on 8(out of 14)-round Grøstl-512 has a complexity of (2507.32,2507.00). To the best of our knowledge, our attacks are the first (pseudo) preimage attacks on round-reduced Grøstl hash function, including its compression function and output transformation. These results are obtained by a variant of meet-in-the-middle preimage attack framework by Aoki and Sasaki. We also improve the time complexities of the preimage attacks against 5-round Whirlpool and 7-round AES hashes by Sasaki in FSE 2011. © 2012 Springer-Verlag.; The Grøstl hash function is one of the 5 final round candidates of the SHA-3 competition hosted by NIST. In this paper, we study the preimage resistance of the Grøstl hash function. We propose pseudo preimage attacks on Grøstl hash function for both 256-bit and 512-bit versions, i.e., we need to choose the initial value in order to invert the hash function. Pseudo preimage attack on 5(out of 10)-round Grøstl-256 has a complexity of (2244.85,2230.13) (in time and memory) and pseudo preimage attack on 8(out of 14)-round Grøstl-512 has a complexity of (2507.32,2507.00). To the best of our knowledge, our attacks are the first (pseudo) preimage attacks on round-reduced Grøstl hash function, including its compression function and output transformation. These results are obtained by a variant of meet-in-the-middle preimage attack framework by Aoki and Sasaki. We also improve the time complexities of the preimage attacks against 5-round Whirlpool and 7-round AES hashes by Sasaki in FSE 2011. © 2012 Springer-Verlag. |
| Keyword | Artificial Intelligence |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/15749 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Wu Shuang,Feng Dengguo,Wu Wenling,et al. (pseudo) preimage attack on round-reduced grstl hash function and others[C],2012:127-145. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment