
Designs, Codes and Cryptography, Volume 62, Issue 1, pp 1–18

Memoryless near-collisions via coding theory

  • Mario Lamberger
  • Florian Mendel
  • Vincent Rijmen
  • Koen Simoens

Abstract

We investigate generic methods to find near-collisions in cryptographic hash functions. We introduce a new generic approach based on methods to find cycles in the space of codewords of a code with low covering radius. We give an analysis of our approach and demonstrate it on the SHA-3 candidate TIB3.
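To make the abstract's idea concrete, here is a small added illustration (it is not the paper's code and not TIB3). A constructed 28-bit toy hash (truncated SHA-256) is composed with the decoder of a covering code: four independent [7,4] Hamming blocks, each of covering radius 1. Floyd's cycle finding, which needs only constant memory, is then run on the composed map g = decode ∘ h. Because g ranges over only 2^16 codewords rather than 2^28 hash values, a collision in g is found after a few hundred evaluations, and any such collision yields two inputs whose hash values lie within the covering radius of the same codeword, i.e. a near-collision at Hamming distance at most 2 times the covering radius. Names, the block size and the toy hash are assumptions of this example.

```python
"""Toy memoryless near-collision search: cycle finding over the codewords
of a covering code (added illustration, not the paper's code)."""
import hashlib

BLOCK_BITS = 7          # one [7,4] Hamming block
N_BLOCKS = 4            # toy hash output: 4 blocks = 28 bits (constructed choice)
N_BITS = BLOCK_BITS * N_BLOCKS
MASK = (1 << N_BITS) - 1


def toy_hash(x: int) -> int:
    """Constructed 28-bit toy hash: truncated SHA-256 of the 4-byte big-endian input."""
    digest = hashlib.sha256(x.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") & MASK


def hamming7_decode(word: int) -> int:
    """Decode a 7-bit word to the nearest codeword of the [7,4] Hamming code.

    Column i of the parity-check matrix is the binary representation of i+1,
    so the syndrome of a single-bit error directly names the flipped position.
    The code has covering radius 1: every word is within distance 1 of a codeword.
    """
    syndrome = 0
    for i in range(BLOCK_BITS):
        if (word >> i) & 1:
            syndrome ^= i + 1
    if syndrome:
        word ^= 1 << (syndrome - 1)
    return word


def decode(y: int) -> int:
    """Decode each 7-bit block of y independently.

    The concatenation of N_BLOCKS Hamming blocks has covering radius N_BLOCKS.
    """
    out = 0
    for b in range(N_BLOCKS):
        block = (y >> (BLOCK_BITS * b)) & 0x7F
        out |= hamming7_decode(block) << (BLOCK_BITS * b)
    return out


def step(x: int) -> int:
    """Iteration map g = decode o h; its range is the 2^16 codewords, not 2^28 hash values."""
    return decode(toy_hash(x))


def hamming_distance(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def find_near_collision(seed: int = 0):
    """Floyd's tortoise-and-hare cycle finding on g, using constant memory.

    Returns (x, x') with x != x' and g(x) == g(x'): h(x) and h(x') both lie
    within the covering radius of the same codeword, so their Hamming distance
    is at most 2 * N_BLOCKS. Restarts from a new seed if the start point happens
    to lie on the cycle itself (that would only give the trivial pair x == x').
    """
    while True:
        x0 = seed & MASK
        tortoise, hare = step(x0), step(step(x0))
        while tortoise != hare:
            tortoise, hare = step(tortoise), step(step(hare))
        # Walk the tortoise from x0 and the hare from the meeting point in
        # lockstep; they first coincide at the cycle entry, and the two
        # distinct predecessors of that entry form the collision pair.
        tortoise = x0
        while step(tortoise) != step(hare):
            tortoise, hare = step(tortoise), step(hare)
        if tortoise != hare:
            return tortoise, hare
        seed += 1   # x0 was on the cycle: try another starting point


if __name__ == "__main__":
    x, x2 = find_near_collision(seed=1)
    d = hamming_distance(toy_hash(x), toy_hash(x2))
    print(f"x={x:#09x} x'={x2:#09x} hash distance={d} "
          f"(bound {2 * N_BLOCKS} of {N_BITS} bits)")
```

The choice of code is what the approach is about: plain truncation (ignoring k output bits) is also a covering code, with covering radius k, whereas a code with the same number of codewords but a smaller covering radius gives near-collisions at a smaller Hamming distance for the same search cost. For a defender evaluating a hash design this is the generic baseline that any claimed near-collision resistance has to beat.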

Keywords

Hash functions; Near-collisions; Cycle finding algorithms; Covering codes

Mathematics Subject Classification (2000)

11T71, 94A60


Copyright information

© Springer Science+Business Media, LLC 2011

Authors and Affiliations

  • Mario Lamberger (1)
  • Florian Mendel (1)
  • Vincent Rijmen (2)
  • Koen Simoens (2)

  1. IAIK, Graz University of Technology, Graz, Austria
  2. IAIK, Graz University of Technology; ESAT/COSIC, K. U. Leuven and IBBT, Heverlee, Belgium
