Advertisement

Pseudo-cryptanalysis of the Original Blue Midnight Wish

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6147)

Abstract

The hash function Blue Midnight Wish (BMW) is a candidate in the SHA-3 competition organized by the U.S. National Institute of Standards and Technology (NIST). BMW was selected for the second round of the competition, but the algorithm was tweaked in a number of ways. In this paper we describe cryptanalysis on the original version of BMW, as submitted to the SHA-3 competition in October 2008.

The attacks described are (near-)collision, preimage and second preimage attacks on the BMW compression function. These attacks can also be described as pseudo-attacks on the full hash function, i.e., as attacks in which the adversary is allowed to choose the initial value of the hash function. The complexities of the attacks are about 214 for the near-collision attack, about 23n/8 + 1 for the pseudo-collision attack, and about 23n/4 + 1 for the pseudo-(second) preimage attack, where n is the output length of the hash function. Memory requirements are negligible. Moreover, the attacks are not (or only moderately) affected by the choice of security parameter for BMW.

Keywords

hash function cryptanalysis SHA-3 competition Blue Midnight Wish pseudo-attacks 

References

  1. 1.
    National Institute of Standards and Technology: The SHA-3 competition website available, http://csrc.nist.gov/groups/ST/hash/sha-3/index.html (2009/08/26)
  2. 2.
    Gligoroski, D., Klíma, V., Knapskog, S.J., El-Hadedy, M., Amundsen, J., Mjølsnes, S.F.: Cryptographic Hash Function Blue Midnight Wish. SHA-3 Algorithm Submission (October 2008), http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/Blue_Midnight_Wish.zip (2009/11/09)
  3. 3.
    Damgård, I.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)Google Scholar
  4. 4.
    Merkle, R.C.: One Way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)Google Scholar
  5. 5.
    Thomsen, S.S.: A near-collision attack on the Blue Midnight Wish compression function. Manuscript (November 2008), http://www.mat.dtu.dk/people/S.Thomsen/bmw/nc-compress.pdf (2009/09/09)
  6. 6.
    Thomsen, S.S.: Pseudo-cryptanalysis of the Original Blue Midnight Wish. Cryptology ePrint Archive, Report 2009/478 (2009), http://eprint.iacr.org/
  7. 7.
    Gligoroski, D., Klíma, V.: A Document describing all modifications made on the Blue Midnight Wish cryptographic hash function before entering the Second Round of SHA-3 hash competition (September 2009), http://people.item.ntnu.no/~danilog/Hash/BMW-SecondRound/Supporting_Documentation/Round2Mods.pdf (2009/11/09)
  8. 8.
    Aumasson, J.P.: Practical distinguisher for the compression function of Blue Midnight Wish. Manuscript, http://131002.net/data/papers/Aum10.pdf (2010/03/10)
  9. 9.
    Guo, J., Thomsen, S.S.: Distinguishers for the Compression Function of Blue Midnight Wish with Probability 1. Manuscript (March 2010), http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-distinguishers.pdf (2010/03/31)

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  1. 1.DTU MathematicsTechnical University of Denmark 

Personalised recommendations