(Second) Preimage Attacks on Step-Reduced RIPEMD/RIPEMD-128 with a New Local-Collision Approach

  • Lei Wang
  • Yu Sasaki
  • Wataru Komatsubara
  • Kazuo Ohta
  • Kazuo Sakiyama
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6558)

Abstract

This paper uses new types of local collisions named one-message-word local collisions to construct meet-in-the-middle preimage attacks on two double-branch hash functions RIPEMD and RIPEMD-128, and obtains the following results.

  1. 1

    A pseudo-preimage and second preimage attacks on the first 47 steps of RIPEMD (full version: 48 steps) are proposed with complexities of 2119 and 2124.5 compression function computations, respectively. The number of the attacked steps is greatly increased from previous preimage attacks on the first 33 steps and intermediate 35 steps.

     
  2. 2

    A pseudo-preimage and preimage attacks on intermediate 36 steps of RIPEMD-128 (full version: 64 steps) are proposed with complexities of 2123 and 2126.5 compression function computations, respectively, while previous attacks can work at most intermediate 35 steps.

     

Keywords

RIPEMD RIPEMD-128 Meet-in-the-Middle One-Message-Word Local Collision 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Andreeva, E., Bouillaguet, C., Fouque, P.-A., Hoch, J.J., Kelsey, J., Shamir, A., Zimmer, S.: Second preimage attacks on dithered hash functions. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 270–288. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  2. 2.
    Aoki, K., Guo, J., Matusiewicz, K., Sasaki, Y., Wang, L.: Preimages for step-reduced SHA-2. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 578–597. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Aoki, K., Sasaki, Y.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 103–119. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Aoki, K., Sasaki, Y.: Meet-in-the-middle preimage attacks against reduced SHA-0 and SHA-1. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 70–89. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    Dobbertin, H., Bosselaers, A., Preneel, B.: RIPEMD-160: A strengthened version of RIPEMD. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 71–82. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  6. 6.
    Goos, G., Hartmanis, J., van Leeuwen, J. (eds.):Integrity Primitives for Secure Information Systems, Final Report of RACE Integrity Primitives Evaluation RIPE-RACE 1040. LNCS, ch. RIPEMD, vol. 1007, pp. 69–111. Springer, Heidelberg (1995)Google Scholar
  7. 7.
    Guo, J., Ling, S., Rechberger, C., Wang, H.: Advanced meet-in-the-middle preimage attacks: First results on full Tiger, and improved results on MD4 and SHA-2. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 56–75. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Kelsey, J., Schneier, B.: Second preimages on n-bit hash functions for much less than 2\(^{\mbox{n}}\) work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Klima, V.: Tunnels in hash functions: MD5 collisions within a minute. Cryptology ePrint Archive, Report 2006/105 (2006), http://eprint.iacr.org/2006/105
  10. 10.
    Leurent, G.: MD4 is not one-way. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 412–428. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Ohtahara, C., Sasaki, Y., Shimoyama, T.: Preimage attacks on step-reduced RIPEMD-128 and RIPEMD-160. In: INSCRYPT (2010)Google Scholar
  12. 12.
    Saarinen, M.-J.O.: A meet-in-the-middle collision attack against the new FORK-256. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 10–17. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Sasaki, Y., Aoki, K.: Finding preimages in full MD5 faster than exhaustive search. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 134–152. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  14. 14.
    Sasaki, Y., Aoki, K.: Meet-in-the-middle preimage attacks on double-branch hash functions: Application to RIPEMD and others. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 214–231. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Wang, G., Wang, S.: Preimage attack on hash function RIPEMD. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 274–284. Springer, Heidelberg (2009)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Lei Wang
    • 1
  • Yu Sasaki
    • 2
  • Wataru Komatsubara
    • 1
  • Kazuo Ohta
    • 1
  • Kazuo Sakiyama
    • 1
  1. 1.The University of Electro-CommunicationsJapan
  2. 2.NTT CorporationJapan

Personalised recommendations