Deterministic Differential Properties of the Compression Function of BMW

  • Jian Guo
  • Søren S. Thomsen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6544)

Abstract

In this paper, we give some determinstic differential properties for the compression function of SHA-3 candidate Blue Midnight Wish (tweaked version for round 2). The computational complexity is about 20 compression function calls. This applies to security parameters 0/16, 1/15, and 2/14. The efficient differentials can be used to find pseudo-preimages of the compression function with marginal gain over brute force. However, none of these attacks threaten the security of the BMW hash functions.

Keywords

Hash function cryptanalysis Blue Midnight Wish SHA-3 differential 

References

  1. 1.
    Aumasson, J.-P.: Practical distinguisher for the compression function of Blue Midnight Wish. Comment on the NIST Hash Competition (Feburary 2010),http://131002.net/data/papers/Aum10.pdf
  2. 2.
    De Cannière, C., Rechberger, C.: Finding SHA-1 Characteristics: General Results and Applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1–20. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Gligoroski, D., Klíma, V., Knapskog, S.J., El-Hadedy, M., Amundsen, J., Mjølsnes, S.F.: Cryptographic hash function BLUE MIDNIGHT WISH. Submission to NIST (Round 2) (September 2009), http://people.item.ntnu.no/~danilog/Hash/BMW-SecondRound/Supporting_Documentation/BlueMidnightWishDocumentation.pdf (March 22, 2010)
  4. 4.
    Guo, J., Thomsen, S.S.: C program that demonstrates the distinguisher, http://www2.mat.dtu.dk/people/S.Thomsen/bmw/bmw-distinguisher.zip
  5. 5.
    National Institute of Standards and Technology. Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register 27(212), 62212–62220 (November 2007), http://csrc.nist.gov/groups/ST/hash/documents/FR_Notice_Nov07.pdf (April 7, 2009)
  6. 6.
    Nikolić, I., Pieprzyk, J., Sokołowski, P., Steinfeld, R.: Rotational Cryptanalysis of (Modified) Versions of BMW and SIMD. Comment on the NIST Hash Competition (March 2010), https://cryptolux.org/mediawiki/uploads/0/07/Rotational_distinguishers_%28Nikolic%2C_Pieprzyk%2C_Sokolowski%2C_Steinfeld%29.pdf (March 22, 2010)
  7. 7.
    Thomsen, S.S.: Pseudo-cryptanalysis of the Original Blue Midnight Wish. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 304–317. Springer, Heidelberg (2010)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Jian Guo
    • 1
  • Søren S. Thomsen
    • 2
  1. 1.Nanyang Technological UniversitySingapore
  2. 2.DTU MathematicsTechnical University of DenmarkDenmark

Personalised recommendations