Message Recovery and Pseudo-preimage Attacks on the Compression Function of Hamsi-256

  • Çağdaş Çalık
  • Meltem Sönmez Turan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6212)

Abstract

Hamsi is one of the second round candidates of the SHA-3 competition. In this study, we present non-random differential properties for the compression function of Hamsi-256. Based on these properties, we first demonstrate a distinguishing attack that requires a few evaluations of the compression function. Then, we present a message recovery attack with a complexity of $2^{10.48}$ compression function evaluations. Also, we present a pseudo-preimage attack for the compression function with complexity $2^{254.25}$.

Keywords

Hash functions, SHA-3 competition, pseudo-preimage attacks

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Çağdaş Çalık (1)
  • Meltem Sönmez Turan (2)
  1. Institute of Applied Mathematics, Middle East Technical University, Turkey
  2. Computer Security Division, National Institute of Standards and Technology, USA