Conference: International Workshop on Fast Software Encryption

The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl

Abstract

In this work, we propose the rebound attack, a new tool for the cryptanalysis of hash functions. The idea of the rebound attack is to use the available degrees of freedom in a collision attack to efficiently bypass the low-probability parts of a differential trail. The rebound attack consists of an inbound phase with a match-in-the-middle part to exploit the available degrees of freedom, and a subsequent probabilistic outbound phase. Especially on AES-based hash functions, the rebound attack leads to new attacks for a surprisingly high number of rounds. We use the rebound attack to construct collisions for 4.5 rounds of the 512-bit hash function Whirlpool with a complexity of $2^{120}$ compression function evaluations and negligible memory requirements. The attack can be extended to a near-collision on 7.5 rounds of the compression function of Whirlpool and 8.5 rounds of the similar hash function Maelstrom. Additionally, we apply the rebound attack to the SHA-3 submission Grøstl, which leads to an attack on 6 rounds of the Grøstl-256 compression function with a complexity of $2^{120}$ and memory requirements of about $2^{64}$.