Abstract
We present preimage attacks on the SHA-3 candidates Boole, EnRUPT, Edon-R, and Sarmal, which are found to be vulnerable to a meet-in-the-middle attack. The idea is to invert (or partially invert) the compression function and to exploit its non-randomness. To launch an attack on a large internal state, we manipulate the message blocks to be injected in order to fix some part of the internal state and to reduce the complexity of the attack. To lower the memory complexity of the attack, we use the memoryless meet-in-the-middle approach proposed by Morita-Ohta-Miyaguchi.
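The memoryless meet-in-the-middle idea from the abstract, as an added illustration that is not code from the paper: a constructed 16-bit toy compression function that is invertible in the chaining value, with forward and backward computations merged into one function and a collision found by Floyd cycle finding, used here as a stand-in for the cited memoryless technique. All names and constants are assumptions made for this example.

```python
MASK, IV = 0xFFFF, 0x1234            # toy 16-bit chaining value and IV (constructed)
C = 0x6F4B                           # odd multiplier, hence invertible mod 2**16
C_INV = pow(C, -1, 1 << 16)

def rotl(x, r): return ((x << r) | (x >> (16 - r))) & MASK
def rotr(x, r): return ((x >> r) | (x << (16 - r))) & MASK

def expand(m):                       # toy message expansion
    m = (m * 0x2545 + 0x9E37) & MASK
    return m ^ (m >> 7)

def compress(h, m):                  # bijective in h for every fixed m
    k = expand(m)
    return (rotl(((h ^ k) * C) & MASK, 5) + k * k) & MASK

def invert(y, m):                    # returns h such that compress(h, m) == y
    k = expand(m)
    return ((rotr((y - k * k) & MASK, 5) * C_INV) & MASK) ^ k

def toy_hash(m1, m2):                # two-block toy hash
    return compress(compress(IV, m1), m2)

def memoryless_mitm(target, max_starts=4096):
    """Find (m1, m2) with toy_hash(m1, m2) == target using constant memory."""
    def g(x):
        # Low bit selects the direction: forward from IV or backward from target.
        m = x >> 1
        return compress(IV, m) if x & 1 == 0 else invert(target, m)
    for start in range(max_starts):
        t, h = g(start), g(g(start))
        while t != h:                # phase 1: tortoise and hare meet on the cycle
            t, h = g(t), g(g(h))
        t = start
        while g(t) != g(h):          # phase 2: walk to the point where the tail joins
            t, h = g(t), g(h)
        # t == h means the start was on the cycle, so no collision; retry.
        # A collision helps only if it pairs a forward with a backward value.
        if t != h and (t ^ h) & 1:
            fwd, bwd = (t, h) if t & 1 == 0 else (h, t)
            return fwd >> 1, bwd >> 1
    return None

TARGET = toy_hash(0x1111, 0x2222)    # constructed target digest
```

A table-based meet-in-the-middle on this toy would store about 2^8 intermediate values; the walk above keeps only two state words at the cost of occasional restarts.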
References
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Sponge functions (2007), http://sponge.noekeon.org/
De Cannière, C., Rechberger, C.: Finding SHA-1 characteristics: General results and applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1–20. Springer, Heidelberg (2006)
Diffie, W., Hellman, M.E.: Exhaustive cryptanalysis of the NBS data encryption standard. Computer 10, 74–84 (1977)
Gligoroski, D., Ødegård, R.S., Mihova, M., Knapskog, S.J., Kocarev, L., Drápal, A.: Cryptographic hash function Edon-R. Submission to NIST (2008), http://people.item.ntnu.no/danilog/Hash/Edon-R/Supporting_Documentation/EdonRDocumentation.pdf
Mendel, F., Pramstaller, N., Rechberger, C., Kontak, M., Szmidt, J.: Cryptanalysis of the GOST hash function. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 162–178. Springer, Heidelberg (2008)
Morita, H., Ohta, K., Miyaguchi, S.: A switching closure test to analyze cryptosystems. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 183–193. Springer, Heidelberg (1992)
National Institute of Standards and Technology: Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register 72(212) (November 2007)
O’Neil, S.: EnRUPT: First all-in-one symmetric cryptographic primitive. In: SASC 2008 (2008), http://www.ecrypt.eu.org/stvl/sasc2008/
O’Neil, S., Nohl, K., Henzen, L.: EnRUPT hash function specification (2008), http://enrupt.com/SHA3/
Preneel, B.: Analysis and Design of Cryptographic Hash Functions. PhD thesis, Katholieke Universiteit Leuven, Leuven, Belgium (January 1993)
Quisquater, J.-J., Delescaille, J.-P.: How easy is collision search? Application to DES (extended summary). In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 429–434. Springer, Heidelberg (1989)
Quisquater, J.-J., Delescaille, J.-P.: How easy is collision search. New results and applications to DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 408–413. Springer, Heidelberg (1990)
Rose, G.G.: Design and primitive specification for Boole, http://seer-grog.net/BoolePaper.pdf
van Oorschot, P.C., Wiener, M.J.: Parallel collision search with application to hash functions and discrete logarithms. In: ACM Conference on Computer and Communications Security, pp. 210–218 (1994)
Varıcı, K., Özen, O., Kocair, Ç.: Sarmal: SHA-3 proposal. Submission to NIST (2008)
Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khovratovich, D., Nikolić, I., Weinmann, RP. (2009). Meet-in-the-Middle Attacks on SHA-3 Candidates. In: Dunkelman, O. (eds) Fast Software Encryption. FSE 2009. Lecture Notes in Computer Science, vol 5665. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03317-9_14
DOI: https://doi.org/10.1007/978-3-642-03317-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03316-2
Online ISBN: 978-3-642-03317-9
eBook Packages: Computer Science (R0)