Chapter

Information Security

Volume 4176 of the series Lecture Notes in Computer Science pp 101-116

On the Collision Resistance of RIPEMD-160

  • Florian MendelAffiliated withInstitute for Applied Information Processing and Communications (IAIK), Graz University of Technology
  • , Norbert PramstallerAffiliated withInstitute for Applied Information Processing and Communications (IAIK), Graz University of Technology
  • , Christian RechbergerAffiliated withInstitute for Applied Information Processing and Communications (IAIK), Graz University of Technology
  • , Vincent RijmenAffiliated withInstitute for Applied Information Processing and Communications (IAIK), Graz University of Technology

* Final gross prices may vary according to local VAT.

Get Access

Abstract

In this article, the RIPEMD-160 hash function is studied in detail. To analyze the hash function, we have extended existing approaches and used recent results in cryptanalysis. While RIPEMD and RIPEMD-128 reduced to 3 rounds are vulnerable to the attack, it is not feasible for RIPEMD-160. Furthermore, we present an analytical attack on a round-reduced variant of the RIPEMD-160 hash function. To the best of our knowledge this is the first article that investigates the impact of recent advances in cryptanalysis of hash functions on RIPEMD-160.

Keywords

RIPEMD-160 low-weight codewords hash function cryptanalysis collision attack differential attack