Collision attack

About: Collision attack is a research topic. Over the lifetime, 1093 publications have been published within this topic receiving 28389 citations.

A novel keyed parallel hashing scheme based on a new chaotic system

Abstract: Hash functions play important role in the information security era. Although there are different methods to design these functions, in recent years chaos theory has emerged as a strong solution in this area. Chaotic hash functions use one-dimensional maps such as logistic and tent, or employ complex multi-dimensional maps which are typically insecure or slow and most of them has been successfully attacked. In this paper, we propose a new chaotic system and employ it to design a secure and fast hash function. The improved security factor has roots in the hyper sensitivity of the proposed chaotic map while properties like speed and security can be parameterized. On the other hand, the proposed hash function has a dynamic random array of functions and can be implemented by a parallel architecture. This data-level parallel architecture makes it fast to generate the hash value. Statistical simulations show success of the proposed hashing scheme. Cryptanalysis of proposed function, such as key sensitivity, meet-in-the-middle attack, collision, preimage resistance and high level attacks, proves security of the proposed function.

Rebound attacks on the reduced grøstl hash function

Abstract: Grostl is one of 14 second round candidates of the NIST SHA-3 competition. Cryptanalytic results on the wide-pipe compression function of Grostl-256 have already been published. However, little is known about the hash function, arguably a much more interesting cryptanalytic setting. Also, Grostl-512 has not been analyzed yet. In this paper, we show the first cryptanalytic attacks on reduced-round versions of the Grostl hash functions. These results are obtained by several extensions of the rebound attack. We present a collision attack on 4/10 rounds of the Grostl-256 hash function and 5/14 rounds of the Grostl-512 hash functions. Additionally, we give the best collision attack for reduced-round (7/10 and 7/14) versions of the compression function of Grostl-256 and Grostl-512.

Known-key distinguishers on 11-round Feistel and collision attacks on its hashing modes

Abstract: We present new attacks on the Feistel network, where each round function consists of a subkey XOR, S-boxes, and then a linear transformation (i.e., an SP round function). Our techniques are based largely on what they call the rebound attacks. As a result, our attacks work most effectively when the S-boxes have a "good" differential property (like the inverse function x → x-1 in the finite field) and when the linear transformation has an "optimal" branch number (i.e., a maximum distance separable matrix).We first describe known-key distinguishers on such Feistel block ciphers of up to 11 rounds, increasing significantly the number of rounds from previous work. We then apply our distinguishers to the Matyas-Meyer-Oseas and Miyaguchi-Preneel modes in which the Feistel ciphers are used, obtaining collision and half-collision attacks on these hash functions.

Non-full-active Super-Sbox Analysis: Applications to ECHO and Grøstl

Abstract: In this paper, we present non-full-active Super-Sbox analysis which can detect non-ideal properties of a class of AES-based permutations with a low complexity. We apply this framework to SHA-3 round-2 candidates ECHO and Grostl. The first application is for the full-round (8-round) ECHO permutation, which is a building block for 256-bit and 224-bit output sizes. By combining several observations specific to ECHO, our attack detects a non-ideal property with a time complexity of 2182 and 237 amount of memory. The complexity, especially in terms of the product of time and memory, is drastically reduced from the previous best attack which required 2512×2512. Note that this result does not impact the security of the ECHO compression function nor the overall hash function. We also show that our method can detect non-ideal properties of the 8-round Grostl-256 permutation with a practical complexity, and finally show that our approach improves a semi-free-start collision attack on the 7-round Grostl-512 compression function. Our approach is based on a series of attacks on AES-based hash functions such as rebound attack and Super-Sbox analysis. The core idea is using a new differential path consisting of only non-full-active states.

Collisions on SHA-0 in One Hour

Abstract: At Crypto 2007, Joux and Peyrin showed that the boomerang attack, a classical tool in block cipher cryptanalysis, can also be very useful when analyzing hash functions. They applied their new theoretical results to SHA and provided new improvements for the cryptanalysis of this algorithm. In this paper, we concentrate on the case of SHA-0 . First, we show that the previous perturbation vectors used in all known attacks are not optimal and we provide a new 2-block one. The problem of the possible existence of message modifications for this vector is tackled by the utilization of auxiliary differentials from the boomerang attack, relatively simple to use. Finally, we are able to produce the best collision attack against SHA-0 so far, with a measured complexity of 233,6hash function calls. Finding one collision for SHA-0 takes us approximatively one hour of computation on an average PC.