A preimage attack on 32-step SM3 hash function and a pseudo-collision attack on 33-step SM3 hash function respectively were shown.32-step preimage attack was based on the differential meet-in-the-middle and biclique technique,while the previously known best preimage attack on SM3 was only 30-step.The 33-step pseudo-collision attack was constructed by using the same techniques.The preimage attack on 32-step SM3 can be computed with a complexity of 2254.5,and a memory of 25.Furthermore,The pseudo-preimage and pseudo-collision attacks on 33-step SM3 by extending the differential characteristic of the 32-step preimage attack were present.The pseudo-collision attack on 33-step SM3 can be computed with a complexity of 2126.7,and a memory of 23.%提出了对SM3散列函数32轮的原像攻击和33轮的伪碰撞攻击.利用差分中间相遇攻击与biclique技术改进了对SM3的原像分析结果,将攻击结果从之前的30轮提高到了32轮.基于上述方法,通过扩展32轮原像攻击中的差分路径,对SM3构造了33轮的伪碰撞攻击.以2254.5的时间复杂度与25的空间复杂度构造了对SM3的32轮原像攻击,并以2126.7的时间复杂度与23的空间复杂度构造了对SM3的33轮伪碰撞攻击.
展开▼