Practical Pseudo-collisions for Hash Functions ARIRANG-224/384

Jian Guo, Krystian Matusiewicz, Lars Ramkilde Knudsen, San Ling, Huaxiong Wang

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

    Abstract

    In this paper we analyse the security of the SHA-3 candidate ARIRANG. We show that bitwise complementation of whole registers turns out to be very useful for constructing high-probability differential characteristics in the function. We use this approach to find near-collisions with Hamming weight 32 for the full compression function as well as collisions for the compression function of ARIRANG reduced to 26 rounds, both with complexity close to 2^0 and memory requirements of only a few words. We use near collisions for the compression function to construct pseudo-collisions for the complete hash functions ARIRANG-224 and ARIRANG-384 with complexity 2^23 and close to 2^0, respectively. We implemented the attacks and provide examples of appropriate pairs of H,M values. We also provide possible configurations which may give collisions for step-reduced and full ARIRANG.
    Original languageEnglish
    Title of host publicationSelected Areas in Cryptography : 16th Annual International Workshop
    EditorsMichael J. Jacobson, Vincent Rijmen, Reihaneh Safavi-Naini
    Number of pages467
    Volume5867
    Place of PublicationBerlin Heidelberg
    PublisherSpringer
    Publication date2009
    Edition1st
    Pages141-156
    ISBN (Print)978-3-642-05443-3
    DOIs
    Publication statusPublished - 2009
    EventSelected Areas in Cryptography: 16th Annual International Workshop - Calgary, Canada
    Duration: 13 Aug 200914 Aug 2009
    Conference number: 16

    Workshop

    WorkshopSelected Areas in Cryptography: 16th Annual International Workshop
    Number16
    Country/TerritoryCanada
    CityCalgary
    Period13/08/200914/08/2009

    Keywords

    • pseudo-collision
    • practical
    • ARIRANG

    Fingerprint

    Dive into the research topics of 'Practical Pseudo-collisions for Hash Functions ARIRANG-224/384'. Together they form a unique fingerprint.

    Cite this