Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information Security Applications

WISA 2008: Information Security Applications pp 174–189Cite as

Pseudorandom-Function Property of the Step-Reduced Compression Functions of SHA-256 and SHA-512

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5379))

Abstract

Applications of an iterated hash function such as HMAC require that the compression function of the hash function is a pseudorandom function. However, the pseudorandom-function property of the compression function was not analyzed up to now. This paper shows that it is easy to distinguish between the 22 step-reduced SHA-512 compression function with the key-via-IV strategy and a random function. This is the first result on the pseudorandom-function property of the SHA-512 compression function with the key-via-IV strategy. A similar distinguishing attack is applicable to the SHA-256 compression function with the key-via-IV strategy.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M.: New proofs for NMAC and HMAC: Security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006), http://eprint.iacr.org/2006/043.pdf

    Chapter  Google Scholar 

  2. Bellare, M., Ristenpart, T.: Multi-property-preserving hash domain extension and the EMD transform. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 299–314. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Bellare, M., Ristenpart, T.: Hash functions in the dedicated-key setting: Design choices and MPP transforms. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 399–410. Springer, Heidelberg (2007), http://eprint.iacr.org/

    Chapter  Google Scholar 

  4. Black, J., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  5. Contini, S., Yin, Y.L.: Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 37–53. Springer, Heidelberg (2006), http://eprint.iacr.org/

    Chapter  Google Scholar 

  6. Dunkelman, O., Keller, N., Kim, J.: Related-key rectangle attack on the full SHACAL-1. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 28–44. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  7. Fouque, P.-A., Leurent, G., Nguyenh, P.Q.: Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 13–30. Springer, Heidelberg (2007), ftp://ftp.di.ens.fr/pub/users/pnguyen/Crypto07.pdf

    Chapter  Google Scholar 

  8. Handschuh, H., Naccache, D.: SHACAL (2000), http://www.nessie.eu.org/nessie/

  9. Hirose, S., Park, J.H., Yun, A.: A simple variant of the Merkle-Damgård scheme with a permutation. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 113–129. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  10. Hong, S., Kim, J., Kim, G., Sung, J., Lee, C., Lee, S.: Impossible differential attack on 30-round SHACAL-2. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 97–106. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Indesteege, S., Mendel, F., Preneel, B., Rechberger, C., Rijmen, V.: Collisions and other non-random properties for step-reduced SHA-256. Cryptology ePrint Archive, Report 2008/131 (2008), http://eprint.iacr.org/

  12. Kim, J., Moon, D., Lee, W., Hong, S., Lee, S., Jung, S.: Amplified boomerang attack against reduced-round SHACAL. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 243–253. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  13. Mendel, F., Pramstaller, N., Rechberger, C., Rijmen, V.: Analysis of step-reduced SHA-256. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 126–143. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publication 180-2 (August 2002), http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf

  15. Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: a synthetic approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368–378. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  16. Sanadhya, S.K., Sarkar, P.: Collision attacks against 22-step SHA-512. Cryptology ePrint Archive, Report 2008/270 (2008), http://eprint.iacr.org/

  17. Sanadhya, S.K., Sarkar, P.: Non-linear reduced round attacks against SHA-2 hash family. Cryptology ePrint Archive, Report 2008/174 (2008), http://eprint.iacr.org/

  18. Simon, D.R.: Findings collisions on a one-way street: Can secure hash functions be based on general assumptions? In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 334–345. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  19. Wang, L., Ohta, K., Kunihiro, N.: New key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 237–253. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Graduate School of Engineering, Kobe University, Japan

    Hidenori Kuwakado

  2. Graduate School of Engineering, University of Fukui, Japan

    Shoichi Hirose

Authors
  1. Hidenori Kuwakado
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shoichi Hirose
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Research Division, Electronics and Telecommunications Research Institute (ETRI), 161 Gajeong Dong, YuseongGu, 305-700, Daejeon, Korea

    Kyo-Il Chung

  2. The Attached Institute of Electronics and Telecommunications Research Institute (ETRI), 1 Yuseong-Post, 305-702, Daejeon, Korea

    Kiwook Sohn

  3. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kuwakado, H., Hirose, S. (2009). Pseudorandom-Function Property of the Step-Reduced Compression Functions of SHA-256 and SHA-512. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00306-6_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00305-9

  • Online ISBN: 978-3-642-00306-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation