Advertisement

Breaking a New Hash Function Design Strategy Called SMASH

  • Norbert Pramstaller
  • Christian Rechberger
  • Vincent Rijmen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3897)

Abstract

We present a collision attack on SMASH. SMASH was proposed as a new hash function design strategy that does not rely on the structure of the MD4 family. The presented attack method allows us to produce almost any desired difference in the chaining variables of the iterated hash function. Due to the absence of a secret key, we are able to construct differences with probability 1. Furthermore, we get only few constraints on the colliding messages, which allows us to construct meaningful collisions. The presented collision attack uses negligible resources and we conjecture that it works for all hash functions built following the design strategy of SMASH.

Keywords

SMASH hash functions cryptanalysis collision 

References

  1. 1.
    Biham, E., Anderson, R.J., Knudsen, L.R.: Serpent: A New Block Cipher Proposal. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 222–238. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  2. 2.
    Biham, E., Chen, R.: Near-Collisions of SHA-0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 290–305. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Chabaud, F., Joux, A.: Differential Collisions in SHA-0. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56–71. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  5. 5.
    Dobbertin, H.: Cryptanalysis of MD4. In: Preneel, B. (ed.) FSE 1996. LNCS, vol. 1039, pp. 53–69. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  6. 6.
    Even, S., Mansour, Y.: A Construction of a Cipher From a Single Pseudorandom Permutation. In: Imai, H., Rivest, R.L., Matsumoto, T. (eds.) ASIACRYPT 1991. LNCS, vol. 739, pp. 210–224. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  7. 7.
    Knudsen, L.R.: SMASH - A Cryptographic Hash Function. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 228–242. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997), Available online at: http://www.cacr.math.uwaterloo.ca/hac/ zbMATHGoogle Scholar
  9. 9.
    National Institute of Standards and Technology (NIST). FIPS-180-2: Secure Hash Standard (August 2002), Available online at: http://www.itl.nist.gov/fipspubs/
  10. 10.
    Pramstaller, N., Rechberger, C., Rijmen, V.: Exploiting Coding Theory for Collision Attacks on SHA-1. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 78–95. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Preneel, B.: Analysis and design of cryptographic hash functions. PhD thesis, Katholieke Universiteit Leuven (1993)Google Scholar
  12. 12.
    Rijmen, V., Oswald, E.: Update on SHA-1. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 58–71. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Wang, X., Feng, D., Lai, X., Yu, X.: Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD (August 2004), preprint, available at: http://eprint.iacr.org/2004/199
  14. 14.
    Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Norbert Pramstaller
    • 1
  • Christian Rechberger
    • 1
  • Vincent Rijmen
    • 1
  1. 1.Institute for Applied Information Processing and Communications (IAIK)Graz University of TechnologyAustria

Personalised recommendations