Institutional Repository
| Investigating Fundamental Security Requirements on Whirlpool: Improved Preimage and Collision Attacks | |
| Sasaki Yu; Wang Lei; Wu Shuang; Wu Wenling | |
| 2012 | |
| Conference Name | 18th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2012 |
| Source | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 562-579 |
| Conference Date | December 2, 2012 - December 6, 2012 |
| Conference Place | Beijing, China |
| Indexed Type | EI |
| ISSN | 0302-9743 |
| ISBN | 9783642349607 |
| Department | (1) NTT Corporation Japan; (2) University of Electro-Communications Japan; (3) Nanyang Technological University Singapore; (4) Institute of Software Chinese Academy of Sciences China |
| English Abstract | In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with 2^481 computations while the previous best attack is for 5 rounds with 2^481.5 computations. Regarding the collision attack, 8 rounds of the compression function are attacked with 2^120 computations, while the previous best attack is for 7 rounds with 2^184 computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported. © International Association for Cryptologic Research 2012. |
| Keyword | Security Of Data |
| Sponsorship | International Association for Cryptologic Research (IACR); National Natural Science Foundation of China; Huawei Technologies Co. Ltd.; Intel Corporation |
| Language | English |
| Content Type | Conference paper |
| URI | http://ir.iscas.ac.cn/handle/311060/15850 |
| Collection | Institute of Software, Chinese Academy of Sciences |
| Recommended Citation GB/T 7714 | Sasaki Yu, Wang Lei, Wu Shuang, et al. Investigating Fundamental Security Requirements on Whirlpool: Improved Preimage and Collision Attacks[C], 2012: 562-579. |
| Files in This Item: | There are no files associated with this item. |
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.