Cryptanalysis of the Modified Version of the Hash Function Proposed at PKC’98

  • Daewan Han
  • Sangwoo Park
  • Seongtaek Chee
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2365)


In the conference PKC’98, Shin et al. proposed a dedicated hash function of the MD family. In this paper, we study the security of Shin’s hash function. We analyze the property of the Boolean functions, the message expansion, and the data dependent rotations of the hash function. We propose a method for finding the collisions of the modified Shin’s hash function and show that we can find collisions with probability 2-30


Boolean Function Hash Function Consecutive Step Compression Function Message Block 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Donghoon Chang, Jaechul Sung, Soo Hak Sung, Sangjin Lee, and Jongin Lim. Full-Round Differential Attack on the Hash Function Proposed at PKC’98. Proceedings of Koreacrypt’01, pages 24–35, 2002.Google Scholar
  2. 2.
    Hans Dobbertin, Antoon Bosselaers, and Bart Preneel. RIPEMD-160: A strengthened version of RIPEMD., April 1996.Google Scholar
  3. 3.
    Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.Google Scholar
  4. 4.
    National Institute of Standards and Technology. FIPS PUB 180-1: Secure Hash Standard, April 1995.Google Scholar
  5. 5.
    Research and Development in Advanced Communications Technologies in Europe. RIPE: Integrity primitives for secure information systems. Final Report of RACE Integrity Primitives Evaluation(R1040),RACE, 1995.Google Scholar
  6. 6.
    Ronald L. Rivest. The MD4 message digest algorithm. In Alfred J. Menezes and Scott A. Vanstone, editors, Advances in Cryptology-Crypto’90, volume 537 of Lecture Notes in Computer Science, pages 303–311. Springer-Verlag, 1991.Google Scholar
  7. 7.
    Ronald L. Rivest. The MD5 message digest algorithm. In Request for Comments (RFC) 1321, April. Internet Activities Board, Internet Privacy Task Force, 1992.Google Scholar
  8. 8.
    Sang Uk Shin, Kyung Hyune Rhee, Dae Hyun Ryu, and Sang Jin Lee. A new hash function based on MDx-family and its application to MAC. In Hideki Imai and Yuliang Zheng, editors, Public Key Cryptography-PKC’98, volume 1431 of Lecture Notes in Computer Science, pages 234–246. Springer, 1998.CrossRefGoogle Scholar
  9. 9.
    A. F. Webster and Stafford E. Tavares. On the design of S-boxes. In Hugh C. Williams, editor, Advances in Cryptology-Crypto’85, volume 218 of Lecture Notes in Computer Science, pages 523–534. Springer-Verlag, New York, 1986.Google Scholar
  10. 10.
    Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry. HAVAL-A One-Way Hashing Algorithm with Variable Length of Output. In Jennifer Seberry and Yuliang Zheng, editors, Advances in Cryptology-Auscrypt’92, volume 718 of Lecture Notes in Computer Science, pages 83–104. Springer, 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Daewan Han
    • 1
  • Sangwoo Park
    • 1
  • Seongtaek Chee
    • 1
  1. 1.National Security Research InstituteDaejeonKorea

Personalised recommendations