Abstract | ||
---|---|---|
The Grøstl hash function is one of the 5 final round candidates of the SHA-3 competition hosted by NIST. In this paper, we study the preimage resistance of the Grøstl hash function. We propose pseudo preimage attacks on Grøstl hash function for both 256-bit and 512-bit versions, i.e., we need to choose the initial value in order to invert the hash function. Pseudo preimage attack on 5(out of 10)-round Grøstl-256 has a complexity of (2244.85,2230.13) (in time and memory) and pseudo preimage attack on 8(out of 14)-round Grøstl-512 has a complexity of (2507.32,2507.00). To the best of our knowledge, our attacks are the first (pseudo) preimage attacks on round-reduced Grøstl hash function, including its compression function and output transformation. These results are obtained by a variant of meet-in-the-middle preimage attack framework by Aoki and Sasaki. We also improve the time complexities of the preimage attacks against 5-round Whirlpool and 7-round AES hashes by Sasaki in FSE 2011. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1007/978-3-642-34047-5_8 | FSE |
Keywords | Field | DocType |
7-round aes hash,hash function,round-reduced gr,meet-in-the-middle preimage attack framework,stl hash function,preimage resistance,compression function,pseudo preimage attack,preimage attack,round gr,whirlpool,aes | SHA-2,Cryptographic hash function,Algorithm,Grøstl,MD4,Hash function,Perfect hash function,Collision attack,Preimage attack,Mathematics | Conference |
Volume | ISSN | Citations |
7549 | 0302-9743 | 19 |
PageRank | References | Authors |
0.64 | 22 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Shuang Wu | 1 | 66 | 5.52 |
Deng-Guo Feng | 2 | 1991 | 190.95 |
Wenling Wu | 3 | 787 | 69.06 |
Jian Guo | 4 | 59 | 7.57 |
Le Dong | 5 | 62 | 6.68 |
Jian Zou | 6 | 53 | 6.16 |