Rebound Attacks on Stribog

详细信息    查看全文

• 关键词：Cryptanalysis ; Hash functions ; Meet in the middle ; Rebound attack ; GOST R 34.11 ; 2012 ; Stribog
• 刊名：Lecture Notes in Computer Science
• 出版年：2014
• 出版时间：2014
• 年：2014
• 卷：1
• 期：1
• 页码：175-188
• 全文大小：1,232 KB
• 参考文献：1. The National Hash Standard of the Russian Federation GOST R 34.11-2012. Russian Federal Agency on Technical Regulation and Metrology report (2012). https://www.tc26.ru/en/GOSTR34112012/GOST_R_34_112012_eng.pdf
  2. Canteaut, A., Fuhr, T., Naya-Plasencia, M., Paillier, P., Reinhard, J.-R., Videau, M.: A unified indifferentiability proof for permutation- or block cipher-based hash functions. Cryptology ePrint Archive, Report 2012/363 (2012). http://eprint.iacr.org/2012/363
  3. Chang, S., Perlner, R., Burr, W.E., Turan, M., Kelsey, J., Paul, S., Bassham, L.E.: Third-round report of the SHA-3 cryptographic hash algorithm competition (2012). http://nvlpubs.nist.gov/nistpubs/ir/2012/NIST.IR.7896.pdf
  4. Gilbert, H., Peyrin, T.: Super-Sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365-83. Springer, Heidelberg (2010) CrossRef
  5. Jean, J., Fouque, P.-A.: Practical near-collisions and collisions on round-reduced ECHO-256 compression function. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 107-27. Springer, Heidelberg (2011) CrossRef
  6. Kazymyrov, O., Kazymyrova, V.: Algebraic aspects of the russian hash standard GOST R 34.11-2012. Cryptology ePrint Archive, Report 2013/556 (2013). http://eprint.iacr.org/
  7. Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B.I. (ed.) FSE 1995. LNCS, vol. 1008, pp. 196-11. Springer, Heidelberg (1995) CrossRef
  8. Lamberger, M., Mendel, F., Rechberger, C., Rijmen, V., Schl?ffer, M.: Rebound distinguishers: results on the full whirlpool compression function. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 126-43. Springer, Heidelberg (2009) CrossRef
  9. Matusiewicz, K., Naya-Plasencia, M., Nikoli?, I., Sasaki, Y., Schl?ffer, M.: Rebound attack on the full Lane compression function. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 106-25. Springer, Heidelberg (2009) CrossRef
  10. Matyukhin, D., Rudskoy, V., Shishkin, V.: A perspective hashing algorithm. In: RusCrypto (2010). (In Russian)
  11. Matyukhin, D.: Some methods of hash functions analysis with application to the GOST P 34.11-94 algorithm. Mat. Vopr. Kriptogr. 3(4), 71-9 (2012)
  12. Mendel, F., Peyrin, T., Rechberger, C., Schl?ffer, M.: Improved cryptanalysis of the reduced Gr?stl compression function, ECHO permutation and AES block cipher. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 16-5. Springer, Heidelberg (2009) CrossRef
  13. Mendel, F., Pramstaller, N., Rechberger, C.: A (second) preimage attack on the GOST hash function. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 224-34. Springer, Heidelberg (2008) CrossRef
  14. Mendel, F., Pramstaller, N., Rechberger, C., Kontak, M., Szmidt, J.: Cryptanalysis of the GOST hash function. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 162-78. Springer, Heidelberg (2008) CrossRef
  15. Mendel, F., Rechberger, C., Schl?ffer, M., Thomsen, S.S.: The rebound attack: cryptanalysis of reduced whirlpool and Gr?stl . In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260-76. Springer, Heidelberg (2009) CrossRef
  16. Mendel, F., Rechberger, C., Schl?ffer, M., Thomsen, S.S.: Rebound attacks on the reduced Gr?stl hash function. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 350-65. Springer, Heidelberg (2010) CrossRef
  17. Rijmen, V., Toz, D., Var?c?, K.: Rebound attack on reduced-round versions of JH. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 286-03. Springer, Heidelberg (2010) CrossRef
  18. Sasaki, Y., Wang, L., Wu, S., Wu, W.: Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 562-79. Springer, Heidelberg (2012) CrossRef
  19. Wagner, D.: The boomerang attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156-70. Springer, Heidelberg (1999) CrossRef
  20. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17-6. Springer, Heidelberg (2005) CrossRef
  21. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19-5. Springer, Heidelberg (2005) CrossRef
  
• 作者单位：Riham AlTawy (15)
  Aleksandar Kircanski (15)
  Amr M. Youssef (15)
  
  15. Concordia Institute for Information Systems Engineering, Concordia University, Montréal, QC, H4B 1R6, Canada
  
• ISSN：1611-3349

文摘

In August 2012, the Stribog hash function was selected as the new Russian hash standard (GOST R 34.11-012). Stribog is an AES-based primitive and is considered as an asymmetric reply to the new SHA-3. In this paper we investigate the collision resistance of the Stribog compression function and its internal cipher. Specifically, we present a message differential path for the internal block cipher that allows us to efficiently obtain a 5-round free-start collision and a 7.75 free-start near collision for the internal cipher with complexities \(2^8\) and \(2^{40}\) , respectively. Finally, the compression function is analyzed and a 7.75 round semi free-start collision, 8.75 and 9.75 round semi free-start near collisions are presented along with an example for 4.75 round 50 out of 64 bytes near colliding message pair.