A Meet-in-the-Middle Collision Attack Against the New FORK-256
We show that a 2112.9 collision attack exists against the FORK-256 Hash Function. The attack is surprisingly simple compared to existing published FORK-256 cryptanalysis work, yet is the best known result against the new, tweaked version of the hash. The attack is based on “splitting” the message schedule and compression function into two halves in a meet-in-the-middle attack. This in turn reduces the space of possible hash function results, which leads to significantly faster collision search. The attack strategy is also applicable to the original version of FORK-256 published in FSE 2006.
KeywordsFORK-256 Hash Function Cryptanalysis Meet-in-the-middle Attack
Unable to display preview. Download preview PDF.
- 2.Hong, D., Chang, D., Sung, J., Lee, S., Hong, S., Lee, J., Moon, D., Chee, S.: New FORK-256. Cryptology ePrint Archive 2007/185 (July 2007)Google Scholar
- 3.Matusiewicz, K., Contini, S., Pieprzyk, J.: Weaknesses of the FORK-256 Compression Function. Cryptology ePrint Archive 2006/317 (Second version) (November 2006)Google Scholar
- 4.Matusiewicz, K., Peyrin, T., Billet, O., Contini, S., Pieprzyk, J.: Cryptanalysis of FORK-256. In: Preproceeding of FSE 2007 (2007)Google Scholar