Filters








44,046 Hits in 5.1 sec

Cryptanalysis of Round-Reduced HAS-160 [chapter]

Florian Mendel, Tomislav Nad, Martin Schläffer
2012 Lecture Notes in Computer Science  
In this paper, we present a semi-free-start collision for 65 (out of 80) steps of HAS-160 with practical complexity.  ...  HAS-160 is an iterated cryptographic hash function that is standardized by the Korean government and widely used in Korea.  ...  Acknowledgments The work in this paper has been supported by the European Commission under contract ICT-2007-216646 (ECRYPT II) and by the Austrian Science Fund (FWF, project P21936).  ... 
doi:10.1007/978-3-642-31912-9_3 fatcat:quyhzc2ohjhwzj4kyjghi6imam

Collision Search Attack for 53-Step HAS-160 [chapter]

Hong-Su Cho, Sangwoo Park, Soo Hak Sung, Aaram Yun
2006 Lecture Notes in Computer Science  
11 HAS-160 • State transformation (a step) a i-1 b i-1 c i-1 d i-1 e i-1 a i b i c i d i e i << s 1 << s 2 f x i k i 12 HAS-160 • Boolean functions • Depends on the round  ...  is possible 18 For 45-step collision path… • Message scheduling • Give differences at m 3 and m 9 • This could produce an inner collision at step 25 which extends to step 45  ...  • Florian Mendel found an actual collision pair for 53-step HAS-160 • Only about a week after he read our paper! • Uses the same differential path we found  ... 
doi:10.1007/11927587_24 fatcat:pcxck5be3fdpvajidxmrxqnldq

Finding Good Differential Patterns for Attacks on SHA-1 [chapter]

Krystian Matusiewicz, Josef Pieprzyk
2006 Lecture Notes in Computer Science  
Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.  ...  We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a linear code.  ...  This is the same pattern as the one used by Biham and Chen to find collisions for 34 steps of SHA-1 [2] .  ... 
doi:10.1007/11779360_14 fatcat:uphd5w4cond6li7hahikoz5gvy

A Heuristic for Finding Compatible Differential Paths with Application to HAS-160 [chapter]

Aleksandar Kircanski, Riham AlTawy, Amr M. Youssef
2013 Lecture Notes in Computer Science  
As for the previous HAS-160 analysis, in 2005, Yun et al. [38] found a practical collision for the 45-step (out of 80) reduced hash function.  ...  The application of the heuristic in case of HAS-160 yields a practical second order collision over all of the function steps, which is the first practical result that covers all of the HAS-160 steps.  ...  The authors would like to thank Gaëtan Leurent for his help related to ARXtools and the discussions on the topic.  ... 
doi:10.1007/978-3-642-42045-0_24 fatcat:jmgcgz6fjjapvo2gn4jwgpcfvu

Exploiting Coding Theory for Collision Attacks on SHA-1 [chapter]

Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
2005 Lecture Notes in Computer Science  
We will mainly focus on SHA-1. We present different linear codes that are used to find lowweight differences that lead to a collision.  ...  With our approach we are able to find differences with very low weight. Based on the weight of these differences we conjecture the complexity for a collision attack on the full SHA-1.  ...  More precisely, only two randomly selected columns are interchanged in each iteration, that is, only one step of a Gaussian elimination has to be performed.  ... 
doi:10.1007/11586821_7 fatcat:ixsqrdni45arfguw3lozgxdk7q

Distinguishers on Double-Branch Compression Function and Applications to Round-Reduced RIPEMD-128 and RIPEMD-160

Yu SASAKI, Lei WANG
2014 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
This leads to 4-sum attacks on 47 steps (out of 64 steps) of RIPEMD-128 and 40 steps (out of 80 steps) of RIPEMD-160.  ...  The partial 2-dimension sum is generated on 48 steps of RIPEMD-128 and 42 steps of RIPEMD-160, with complexities of 2 35 and 2 36 , respectively.  ...  This implies that 45 steps of the compression function is non-ideal with respect to the 4-sum property. Attack on 46 and 47 steps.  ... 
doi:10.1587/transfun.e97.a.177 fatcat:d32lz2bkfrdslh2ht3gmxzbhvm

Finding Preimages in Full MD5 Faster Than Exhaustive Search [chapter]

Yu Sasaki, Kazumaro Aoki
2009 Lecture Notes in Computer Science  
The memory complexity of the attack is 2 45 × 11 words. Our attack is based on splice-and-cut and localcollision techniques that have been applied to step-reduced MD5 and other hash functions.  ...  In this paper, we present the first cryptographic preimage attack on the full MD5 hash function.  ...  Preimage Attack on HAS-160 An example of a variant of the local-collision technique is shown in Ref. [12] . Differently from Ref. [14] , Ref.  ... 
doi:10.1007/978-3-642-01001-9_8 fatcat:l2sc6t7evrf5bpfrfzz7qemoha

Non-full Sbox Linearization: Applications to Collision Attacks on Round-Reduced Keccak [chapter]

Ling Song, Guohong Liao, Jian Guo
2017 Lecture Notes in Computer Science  
In collision attacks, the aim is to find two distinct messages which lead to the same hash digest.  ...  Secondly, we extend the connectors to 3 rounds, and apply it to Keccak[1440, 160, 6, 160] -a 6-round instance of the Keccak collision challenge, which leads to the first 6-round real collision of Keccak  ...  We list below the steps for finding 4-round cores for Keccak-224, and then describe the difference for Keccak[1440, 160, 6, 160].  ... 
doi:10.1007/978-3-319-63715-0_15 fatcat:d3l4bvirhvarvoadjb2jw7qhxm

Improved Preimage Attacks on RIPEMD-160 and HAS-160

2018 KSII Transactions on Internet and Information Systems  
They improve the best preimage attacks from the intermediate step on step-reduced RIPEMD-160 and HAS-160 by 4 and 3 steps respectively.  ...  A preimage attack on 35-step RIPEMD-160 and a preimage attack on 71-step HAS-160 are presented. Both of the attacks are from the intermediate step and satisfy the message padding.  ...  [21] presented the first cryptanalysis on HAS-160. They proposed a collision attack on 45-step HAS-160 by applying techniques introduced by Wang et al. [22] . Later Cho et al.  ... 
doi:10.3837/tiis.2018.02.011 fatcat:rd3fb3zzlvg67ky6sepdvakqie

High energy γ-ray emission in heavy-ion collisions

W. Bauer, W. Cassing, U. Mosel, M. Tohyama, R.Y. Cusson
1986 Nuclear Physics A  
Effects from residual nucleon-nucleon collisions on the collective current are further taken into account via a relaxation ansatz for the single-particle occupation numbers.  ...  We calculate double-differential cross sections for energetic photon production in intermediate energy nucleus-nucleus collisions.  ...  For slab on slab collisions corresponding to the system 12C+ 12C at lab energies up to 160 MeV/ u we find numerically, that it is sufficient to include the first 10 unoccupied states in eq. (2.13).  ... 
doi:10.1016/0375-9474(86)90371-4 fatcat:ira3qhne5bekzi3zwjwjbtpjra

Complexity of Differential Attacks on SHA-0 with Various Message Schedules

M. HATTORI
2005 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
The collision resistance and the near-collision resistance of SHA-0 variants to the Chabaud-Joux attack are evaluated.  ...  Moreover, the near-collision resistance of a variant to the Biham-Chen attack is evaluated. It is shown that the selection of primitive polynomials highly affects the resistance.  ...  The complexity is 2 45 . We implemented the collision attack on this variant. We used 16 computers each of which has a Pen-tium4 3.06 GHz CPU.  ... 
doi:10.1093/ietfec/e88-a.12.3668 fatcat:a3j3s6q5anhi7j55g5oxdukz6q

Fast Near Collision Attack on the Grain v1 Stream Cipher [chapter]

Bin Zhang, Chao Xu, Willi Meier
2018 Lecture Notes in Computer Science  
In this paper, we propose a key recovery attack, called near collision attack, on Grain v1.  ...  Though a number of potential weaknesses have been identified, no key recovery attack on the original design in the single key model has been found yet.  ...  This step is to filter out these pseudo-collisions and find the real one.  ... 
doi:10.1007/978-3-319-78375-8_25 fatcat:gfsytzxni5gmje6lfub5ahxbc4

Cryptanalysis of the SEAL 3.0 Pseudorandom Function Family [chapter]

Scott R. Fluhrer
2002 Lecture Notes in Computer Science  
While this is not a practical attack on any use of SEAL, it does demonstrate that SEAL does not achieve its design goals.  ...  Description of SEAL and Other Work SEAL is a length increasing pseudorandom function family that, under the control of a 160-bit key, expands a 32-bit string into a 2 19 -bit string. Internally, M.  ...  SEAL, in particular, has a 160 bit key, and maps a 32 bit input into a 64kbyte output.  ... 
doi:10.1007/3-540-45473-x_11 fatcat:lmbkdb65mfckbdd5ucrvll5qdy

A Fast New Cryptographic Hash Function Based on Integer Tent Mapping System

Jiandong Liu, Xiahui Wang, Kai Yang, Chen Zhao
2012 Journal of Computers  
This paper proposes a novel one-way Hash function which is based on the Coupled Integer Tent Mapping System and termed as THA (THA-160, THA-256).  ...  The THA-160 compresses a message of arbitrary length into a fingerprint of 160 bits, well the THA-256 compresses a message of arbitrary length into a fingerprint of 256 bits.  ...  However, adopting modular differential method could find one collision of HAVAL-128 within the period of 2 7 times of HAVAL-128 operations [15] .  ... 
doi:10.4304/jcp.7.7.1671-1680 fatcat:jm5m3u7nxnhejmzzxjs2lbfxxe

The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition [chapter]

Bart Preneel
2010 Lecture Notes in Computer Science  
Rabin proposed a design with a 64-bit result based on the block cipher DES [37], Yuval showed how to find collisions for an n-bit hash function in time 2 n/2 with the birthday paradox, and Merkle's work  ...  In 2004 Wang et al. perfected differential cryptanalysis to a point that finding collisions for MD5 became very easy; for SHA-1 a substantial reduction of the security margin was obtained.  ...  [45] and Sanadhya and Sarkar [82] can only break 24 out of 64 steps of SHA-256).  ... 
doi:10.1007/978-3-642-11925-5_1 fatcat:pmaorvizrbghxi2wrtry6i3j7a
« Previous Showing results 1 — 15 out of 44,046 results