Skip to main content

Preimages for the Tillich-Zémor Hash Function

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 6544)

Abstract

After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Zémor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function.

We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time.

Our attacks definitely break the Tillich-Zémor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure.

References

  1. Abdukhalikov, K.S., Kim, C.: On the security of the hashing scheme based on SL2. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 93–102. Springer, Heidelberg (1998)

    CrossRef  Google Scholar 

  2. Charles, D., Goren, E., Lauter, K.: Cryptographic hash functions from expander graphs. J. Cryptology 22(1), 93–113 (2009)

    MathSciNet  CrossRef  MATH  Google Scholar 

  3. Charnes, C., Pieprzyk, J.: Attacking the SL2 hashing scheme. In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 322–330. Springer, Heidelberg (1995)

    CrossRef  Google Scholar 

  4. de Meulenaer, G., Petit, C., Quisquater, J.-J.: Hardware implementations of a variant of Zémor-Tillich hash function: Can a provably secure hash function be very efficient? (2009) (preprint)

    Google Scholar 

  5. Geiselmann, W.: A note on the hash function of Tillich and Zémor. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 51–52. Springer, Heidelberg (1996)

    CrossRef  Google Scholar 

  6. Grassl, M., Ilic, I., Magliveras, S., Steinwandt, R.: Cryptanalysis of the Tillich-Zémor hash function. Cryptology ePrint Archive, Report 2009/376 (2009), http://eprint.iacr.org/

  7. Helfgott, H.A.: Growth and generation in SL 2(Z/pZ) (2005)

    Google Scholar 

  8. Mesirov, J.P., Sweet, M.M.: Continued fraction expansions of rational expressions with irreducible denominators in characteristic 2. Journal of Number Theory 27, 144–148 (1987)

    MathSciNet  CrossRef  MATH  Google Scholar 

  9. Petit, C., Lauter, K., Quisquater, J.-J.: Full cryptanalysis of LPS and morgenstern hash functions. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 263–277. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  10. Petit, C., Quisquater, J.-J., Tillich, J.-P., Zémor, G.: Hard and easy components of collision search in the Zémor-tillich hash function: New attacks and reduced variants with equivalent security. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 182–194. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  11. Steinwandt, R., et al.: Weaknesses in the \(\mathrm{SL}_2(\mathbb{F}_{2^n})\) hashing scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, p. 287. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  12. Tillich, J.-P., Zémor, G.: Hashing with SL 2. In: Desmedt, Y. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 40–49. Springer, Heidelberg (1994)

    Google Scholar 

  13. Tillich, J.-P., Zémor, G.: Collisions for the LPS expander graph hash function. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 254–269. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  14. Tillich, J.-P., Zémor, G.: Group-theoretic hash functions. In: Cohen, G., Lobstein, A., Zémor, G., Litsyn, S.N. (eds.) Algebraic Coding 1993. LNCS, vol. 781, pp. 90–110. Springer, Heidelberg (1994)

    CrossRef  Google Scholar 

  15. Zémor, G.: Hash functions and graphs with large girths. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 508–511. Springer, Heidelberg (1991)

    CrossRef  Google Scholar 

  16. Zémor, G.: Hash functions and Cayley graphs. Des. Codes Cryptography 4(4), 381–394 (1994)

    MathSciNet  CrossRef  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Petit, C., Quisquater, JJ. (2011). Preimages for the Tillich-Zémor Hash Function. In: Biryukov, A., Gong, G., Stinson, D.R. (eds) Selected Areas in Cryptography. SAC 2010. Lecture Notes in Computer Science, vol 6544. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19574-7_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-19574-7_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-19573-0

  • Online ISBN: 978-3-642-19574-7

  • eBook Packages: Computer ScienceComputer Science (R0)