Cryptanalysis of the ESSENCE Family of Hash Functions.

ESSENCE is a family of cryptographic hash functions, accepted to the first round of NIST's SHA-3 competition. This paper presents the first known attacks on ESSENCE. ... We present a pseudo-collision attack on 31 out of 32 rounds of ESSENCE-512, invalidating the design claim that at least 24 rounds of ESSENCE are secure against differential cryptanalysis. ... Part of this work was performed at the Hash Function Retreat, hosted by the Graz University of Technology as an initiative of the SymLab group of the ECRYPT II project. ...

doi:10.1007/978-3-642-16342-5_2 fatcat:wacj452vqjhbpa2v252vbbe6wq

In recent years a new type of block ciphers and hash functions over a (large) field, such as MiMC and GMiMC, have been designed. ... We illustrate for the first time how our root finding technique can be used to find collision, second preimage and preimage attacks on (reduced round) members of the GMiMCHash family. ... The MiMC and Feistel-MiMC (over F p ) family of block ciphers and hash functions are the first ZKP-friendly dedicated symmetric designs. ...

dblp:journals/iacr/00050S21 fatcat:z6u5olg5qnao3bistluxek377u

We compare the functional capabilities of the proposed tool with that of other domain-specific software tools which can be used to reduce cryptanalysis problems to SAT, and also with the CBMC system widely ... In~the theoretical part of the paper we justify the main principles of general reduction to SAT for discrete functions from a class containing the majority of functions employed in cryptography. ... We are grateful to anonymous reviewers for their valuable comments that made it possible to significantly improve the quality of the present paper. ...

arXiv:1805.07239v5 fatcat:qrgcbbnag5a53davdbexvxbio4

Open Access Multiple Versions

We compare the functional capabilities of the proposed tool with that of other domain-specific software tools which can be used to reduce cryptanalysis problems to SAT, and also with the CBMC system widely ... In~the theoretical part of the paper we justify the main principles of general reduction to SAT for discrete functions from a class containing the majority of functions employed in cryptography. ... We are grateful to anonymous reviewers for their valuable comments that made it possible to significantly improve the quality of the present paper. ...

doi:10.23638/lmcs-16(1:29)2020 fatcat:fuji3nvk75ggzb5535kccwdmbu

DOAJ

It provides a new reference for the security analysis of the same structure of the lightweight hash functions in the WBAN. ... As a typical lightweight cryptosystem with an extended sponge function framework, the PHOTON family is flexible to provide security for the RFID and other highly-constrained devices. ... We expect that our work will provide deeper understanding of the security of AES-like hash functions. ...

doi:10.3837/tiis.2018.01.023 fatcat:a7gpnnkabbbwbloz5fkaffh324

These problems arise naturally when describing the security of Cayley hash functions, a class of cryptographic hash functions with very interesting properties. ... A constructive proof of Babai's conjecture would make all Cayley hash functions insecure, but on the other hand it would have many positive applications in graph theory and computer science. ... The first author is supported by a postdoctoral grant of the Belgian National Science Foundation (FRS-FNRS). ...

doi:10.1090/noti1001 fatcat:6n353wxmo5hhvjsab3di2quz6q

Szczepanski

A report on the selection process of the STARK friendly hash (SFH) function for standardization by the Ethereum Foundation. ... The outcome of this process, described here, is our recommendation to use the Rescue function over a prime field of size ≈ 2 61 in sponge mode with 12 field elements per state. ... Explanation of Table 1 The hash functions are sorted by families. ...

dblp:journals/iacr/Ben-SassonGL20 fatcat:iv6h257ulrgbpjooxvdlpjew2y

We describe some of the recent progress on lattice-based cryptography, starting from the seminal work of Ajtai, and ending with some recent constructions of very efficient cryptographic schemes. ... Our family of hash functions is the modular subset-sum function over Z n q , as defined next. Fix q = 2 2n and m = 4n 2 . For each a 1 , . . . , a m ∈ Z n q , the family contains the function f a1,... ... He gives a family of one-way functions where onlyÕ(n) bits are needed to specify a function in the family. ...

doi:10.1007/11818175_8 fatcat:j3h6d3sqm5fvddquhufxt2wvpu

Freestart collisions do not directly imply a collision for the full hash function. ... Only 10 days of computation on a 64-GPU cluster were necessary to perform this attack, for a cost of approximately 2 57.5 calls to the compression function of SHA-1. ... Acknowledgements We would like to express our gratitude to Orr Dunkelman for the use of his cluster with NVidia Tesla K10 cards. We also thank the anonymous reviewers for their helpful comments. ...

doi:10.1007/978-3-662-49890-3_18 fatcat:x6wvhsa2tjfa7pt7dictcgxfse

We start with the definitions of related-key security of Message Authentication Codes and identify required properties of relatedkey derivation functions for provable security. ... In the related-key setting, the adversary has the ability to query the underlying function on the target key as well as on some related-keys. ... We also thank Damien Stehlé for important feedback on the initial draft of the paper. We are grateful to the anonymous reviewers of FSE 2013 for insightful comments. ...

doi:10.1007/978-3-662-43933-3_16 fatcat:yz3xlvuk4zcgvbets5efbfc5sm

DHA-256 is a dedicated hash function with output length of 256 bits and 64 steps of operations designed to enhance SHA-256 security. In this paper, we show an attack on 35-step DHA-256. ... The attack finds pseudo-preimage and preimage of 35-step DHA-256 with the time complexity of 2 240 and 2 249 compression function operations, respectively, and 2 16 × 11 words memory. ... ACKNOWLEDGEMENTS The authors would like to thank the anonymous reviewers for the helpful comments. ...

doi:10.1109/pic.2010.5687472 fatcat:zxbqrqo4ozaupg3wbkncxxay4q

The new hash function is suitable for a wide range of applications like privacy-preserving cryptocurrencies, verifiable encryption, protocols with state membership proofs, or verifiable computation. ... We propose a new hash function Reinforced Concrete for the proof systems that support lookup tables, concretely Plookup based on KZG commitments or FRI. ... We thank Alex Vlasov (Matter Labs) for his modular math optimizations and comments on the earlier version of the paper. ...

dblp:journals/iacr/Barbara0KLRSW21 fatcat:tcevafvctreqfo52zlvmdntjju

We propose MARVELlous-a family of cryptographic algorithms specifically designed for STARK efficiency. The family currently includes the block cipher Jarvis and the hash function Friday. ... Friday is a Merkle-Dåmgard based hash function instantiated with Jarvis as its compression function thus it inherits its security properties up to the birthday bound. ... The research was funded by Starkware Industries Ltd., as part of an Ethereum Foundation grant activity, the support of both entities is greatly appreciated. ...

dblp:journals/iacr/AshurD18 fatcat:pbhbao5auracfb4fue7d424c4i

SHA-512 is a member of the SHA-2 family of cryptographic hash algorithms that is based on a Davies-Mayer compression function operating on eight 64-bit words to produce a 512-bit digest. ... In this paper, we present the first highly-optimized Assembler implementation of SHA-512 for the ATmega family of 8-bit AVR microcontrollers. ... The SHA-2 family consists of six hash functions providing varying levels of security with digests ranging from 224 to 512 bits. ...

doi:10.1007/978-3-030-12942-2_21 fatcat:enyjg5ibkjdzzibadkvsgh76ge

The relevance of the related-key model is usually controversial. ... From a practical point of view, the proposed framework is used to evaluate the security of Agrasta cipher which is a variant of Rasta cipher presented at CRYPTO 2018. ... Acknowledgments The work of Hadi Soleimany is partly supported by grants from Shahid Beheshti University and by the Iranian National Science Foundation (grant no95835673). ...

doi:10.1049/iet-ifs.2019.0326 fatcat:wq5j3olh45dmjmfpjo6aqdggdi

DOAJ

Cryptanalysis of the ESSENCE Family of Hash Functions [chapter]

Preserved Fulltext

Interpolation Cryptanalysis of Unbalanced Feistel Networks with Low Degree Round Functions [article]

Preserved Fulltext

Translation of Algorithmic Descriptions of Discrete Functions to SAT with Applications to Cryptanalysis Problems [article]

Preserved Fulltext

Other Versions

Translation of Algorithmic Descriptions of Discrete Functions to SAT with Applications to Cryptanalysis Problems

Preserved Fulltext

Security Analysis of the PHOTON Lightweight Cryptosystem in the Wireless Body Area Network

Preserved Fulltext

Rubik's for Cryptographers

Preserved Fulltext

STARK Friendly Hash - Survey and Recommendation [article]

Preserved Fulltext

Lattice-Based Cryptography [chapter]

Preserved Fulltext

Freestart Collision for Full SHA-1 [chapter]

Preserved Fulltext

Secure Message Authentication Against Related-Key Attack [chapter]

Preserved Fulltext

One-block preimage attack on 27-step DHA-256

Preserved Fulltext

Reinforced Concrete: Fast Hash Function for Zero Knowledge Proofs and Verifiable Computation [article]

Preserved Fulltext

MARVELlous: a STARK-Friendly Family of Cryptographic Primitives [article]

Preserved Fulltext

Efficient Implementation of the SHA-512 Hash Function for 8-Bit AVR Microcontrollers [chapter]

Preserved Fulltext

A Framework for Faster Key Search Using Related-key Higher-order Differential Properties: Applications to Agrasta

Preserved Fulltext