Institutional Repository
| preimage attacks on step-reduced sm3 hash function | |
| Zou Jian; Wu Wenling; Wu Shuang; Su Bozhan; Dong Le | |
| 2012 | |
| Conference Name | 14th International Conference on Information Security and Cryptology, ICISC 2011 |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 375-390 |
| Conference Date | November 30, 2011 - December 2, 2011 |
| Conference Place | Seoul, Korea, Republic of |
| Indexed Type | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642319112 |
| Department | (1) State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing 100190 China; (2) Graduate University of Chinese Academy of Sciences Beijing 100049 China |
| English Abstract | This paper proposes a preimage attack on SM3 hash function reduced to 30 steps. SM3 is an iterated hash function based on the Merkle-Damga˚rd design. It is a hash function used in applications such as the electronic certification service system in China. Our cryptanalysis is based on the Meet-in-the-Middle (MITM) attack. We utilize several techniques such as initial structure, partial matching and message compensation to improve the standard MITM preimage attack. Moreover, we use some observations on the SM3 hash function to optimize the computation complexity. Overall, a preimage of 30 steps SM3 hash function can be computed with a complexity of 2249 SM3 compression function computation, and requires a memory of 216. As far as we know, this is yet the first preimage result on the SM3 hash function. © 2012 Springer-Verlag.; This paper proposes a preimage attack on SM3 hash function reduced to 30 steps. SM3 is an iterated hash function based on the Merkle-Damga˚rd design. It is a hash function used in applications such as the electronic certification service system in China. Our cryptanalysis is based on the Meet-in-the-Middle (MITM) attack. We utilize several techniques such as initial structure, partial matching and message compensation to improve the standard MITM preimage attack. Moreover, we use some observations on the SM3 hash function to optimize the computation complexity. Overall, a preimage of 30 steps SM3 hash function can be computed with a complexity of 2249 SM3 compression function computation, and requires a memory of 216. As far as we know, this is yet the first preimage result on the SM3 hash function. © 2012 Springer-Verlag. |
| Keyword | Security Of Data |
| Sponsorship | National Security Research Institute (NSRI); Electronics and Telecommunications Research Institute (ETRI); Korea Internet and Security Agency (KISA); Ministry of Public Administration and Security (MOPAS) |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/15792 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Zou Jian,Wu Wenling,Wu Shuang,et al. preimage attacks on step-reduced sm3 hash function[C],2012:375-390. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment