Practical Attacks on the Maelstrom-0 Compression Function
In this paper we present attacks on the compression function of Maelstrom-0. It is based on the Whirlpool hash function standardized by ISO and was designed to be a faster and more robust enhancement. We analyze the compression function and use differential cryptanalysis to construct collisions for reduced variants of the Maelstrom-0 compression function. The attacks presented in this paper are of practical complexity and show significant weaknesses in the construction compared to its predecessor. The methods used are based on recent results in the analysis of AES-based hash functions.
Keywordshash functions cryptanalysis collisions near-collisions
Unable to display preview. Download preview PDF.
- 7.Barreto, P.S.L.M., Rijmen, V.: The Whirlpool Hashing Function. Submitted to NESSIE (September 2000), http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html (revised May 2003)
- 8.Filho, D.G., Barreto, P.S., Rijmen, V.: The maelstrom-0 hash function. In: SBSeg 2006 (2006)Google Scholar