Meet-in-the-Middle Attacks on SHA-3 Candidates
| 详细信息 | 推荐本文 | |
- 作者:Dmitry Khovratovich ; Ivica Nikoli膰 ; Ralf-Philipp Weinmann
- 刊名:Lecture Notes in Computer Science
- 出版时间:2009
- 出版年:2009
- 期刊代码:99_0302-9743
- 类别:cp
- 卷:5665
- 期:1
- 页码:228-245
- 数据来源:sp
摘要
We present preimage attacks on the SHA-3 candidates Boole, EnRUPT, Edon-R, and Sarmal, which are found to be vulnerable against a meet-in-the-middle attack. The idea is to invert (or partially invert) the compression function and to exploit its non-randomness. To launch an attack on a large internal state we manipulate the message blocks to be injected in order to fix some part of the internal state and to reduce the complexity of the attack. To lower the memory complexity of the attack we use the memoryless meet-in-the-middle approach proposed by Morita-Ohta-Miyaguchi.