Institutional Repository
| investigating fundamental security requirements on whirlpool: improved preimage and collision attacks | |
| Sasaki Yu; Wang Lei; Wu Shuang; Wu Wenling | |
| 2012 | |
| 会议名称 | 18th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2012 |
| 会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| 页码 | 562-579 |
| 会议日期 | December 2, 2012 - December 6, 2012 |
| 会议地点 | Beijing, China |
| 收录类别 | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642349607 |
| 部门归属 | (1) NTT Corporation Japan; (2) University of Electro-Communications Japan; (3) Nanyang Technological University Singapore; (4) Institute of Software Chinese Academy of Sciences China |
| 摘要 | In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with 2481 computations while the previous best attack is for 5 rounds with 2 481.5 computations. Regarding the collision attack, 8 rounds of the compression function are attacked with 2120 computations, while the previous best attack is for 7 rounds with 2184 computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported. © International Association for Cryptologic Research 2012.; In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with 2481 computations while the previous best attack is for 5 rounds with 2 481.5 computations. Regarding the collision attack, 8 rounds of the compression function are attacked with 2120 computations, while the previous best attack is for 7 rounds with 2184 computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported. © International Association for Cryptologic Research 2012. |
| 关键词 | Security Of Data |
| 主办者 | International Association for Cryptologic Research (IACR); National Natural Science Foundation of China; Huawei Technologies Co. Ltd.; Intel Corporation |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/15850 |
| 专题 | 中国科学院软件研究所 |
| 推荐引用方式 GB/T 7714 | Sasaki Yu,Wang Lei,Wu Shuang,et al. investigating fundamental security requirements on whirlpool: improved preimage and collision attacks[C],2012:562-579. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论