On the Security of VSH in Password Schemes

TLDR: This paper improves Saarinen's method for finding preimages of very smooth hash (VSH) hash values and generalise it to some of the variants of VSH proposed by Contini et al.

Abstract: In this paper we improve Saarinen's method for finding preimages of very smooth hash (VSH) hash values and generalise it to some of the variants of VSH proposed by Contini et al. VSH is a new hash function that has been proved to be collision resistant under similar assumptions on the factoring of large integers as the RSA cipher. Saarinen has developed a method for finding preimages of VSH hash values and in his paper he gave an example of its application to 169-bit VSH and 4-character passwords consisting of lowercase alphabets. Because there were no results on the practical effectiveness of this approach with cryptographically significant security parameters, we give some results on the time and memory required to find the preimages of 8-character alphanumeric passwords secured by 1024-bit and 2048-bit VSH on quite modest hardware. In our study we implemented both the original VSH and the cubing variant of VSH. Our results show that both Saarinen's method and our method can find preimages of password hash values very quickly and that our method is faster in many cases. Our method also uses reusable tables that can be used to find the preimages of subsequent hash values faster than with the original method.