scholarly journals Generic Attacks on Hash Combiners

2019 ◽  
Vol 33 (3) ◽  
pp. 742-823
Author(s):  
Zhenzhen Bao ◽  
Itai Dinur ◽  
Jian Guo ◽  
Gaëtan Leurent ◽  
Lei Wang
Keyword(s):  
Generic Attacks

Generic Attacks on Classical Feistel Ciphers

2017 ◽  
pp. 65-73
Author(s):  
Valerie Nachef ◽  
Jacques Patarin ◽  
Emmanuel Volte
Keyword(s):  
Generic Attacks ◽  
Feistel Ciphers

Analyzing the Linear Keystream Biases in AEGIS

2020 ◽  
pp. 348-368
Author(s):  
Maria Eichlseder ◽  
Marcel Nageler ◽  
Robert Primas
Keyword(s):  
Family Member ◽  
Upper Bounds ◽  
Software Performance ◽  
Authenticated Encryption ◽  
Boolean Operations ◽  
Large State ◽  
Round Function ◽  
Linear Characteristic ◽  
Caesar Competition ◽  
Generic Attacks

AEGIS is one of the authenticated encryption designs selected for the final portfolio of the CAESAR competition. It combines the AES round function and simple Boolean operations to update its large state and extract a keystream to achieve an excellent software performance. In 2014, Minaud discovered slight biases in the keystream based on linear characteristics. For family member AEGIS-256, these could be exploited to undermine the confidentiality faster than generic attacks, but this still requires very large amounts of data. For final portfolio member AEGIS-128, these attacks are currently less efficient than generic attacks. We propose improved keystream approximations for the AEGIS family, but also prove upper bounds below 2−128 for the squared correlation contribution of any single suitable linear characteristic.

Generic attacks on the Lai–Massey scheme

2016 ◽  
Vol 83 (2) ◽  
pp. 407-423
Author(s):  
Yiyuan Luo ◽  
Xuejia Lai ◽  
Yujie Zhou
Keyword(s):  
Generic Attacks

scholarly journals Building a 256-bit hash function on a stronger MD variant

2014 ◽  
Vol 4 (2) ◽  
Author(s):  
Harshvardhan Tiwari ◽  
Krishna Asawa
Keyword(s):  
Hash Function ◽  
Design Principle ◽  
Hash Functions ◽  
High Sensitivity ◽  
Differential Attack ◽  
Compression Function ◽  
Single Output ◽  
Generic Attacks ◽  
Cryptographic Techniques ◽  
Cryptographic Hash Functions

AbstractCryptographic hash functions are important cryptographic techniques and are used widely in many cryptographic applications and protocols. All the MD4 design based hash functions such as MD5, SHA-1, RIPEMD-160 and FORK-256 are built on Merkle-Damgård iterative method. Recent differential and generic attacks against these popular hash functions have shown weaknesses of both specific hash functions and their underlying Merkle-Damgård construction. In this paper we propose a hash function follows design principle of NewFORK-256 and based on HAIFA construction. Its compression function takes three inputs and generates a single output of 256-bit length. An extra input to a compression function is a 64-bit counter (number of bits hashed so far). HAIFA construction shows strong resistance against major generic and other cryptanalytic attacks. The security of proposed hash function against generic attacks, differential attack, birthday attack and statistical attack was analyzed in detail. It is shown that the proposed hash function has high sensitivity to an input message and is secure against different cryptanalytic attacks.

scholarly journals Meet-in-the-Middle Attacks on Classes of Contracting and Expanding Feistel Constructions

2017 ◽  
pp. 307-337 ◽  
Author(s):  
Jian Guo ◽  
Jérémy Jean ◽  
Ivica Nikolic ◽  
Yu Sasaki
Keyword(s):  
The State ◽  
Linear Functions ◽  
Block Length ◽  
Nonlinear Functions ◽  
Round Function ◽  
Generic Attacks ◽  
Key Length ◽  
Feistel Ciphers

We show generic attacks on unbalanced Feistel ciphers based on the meet-in-the-middle technique. We analyze two general classes of unbalanced Feistel structures, namely contracting Feistels and expanding Feistels. In both of the cases, we consider the practical scenario where the round functions are keyless and known to the adversary. In the case of contracting Feistels with 4 branches, we show attacks on 16 rounds when the key length k (in bits) is as large as the block length n (in bits), and up to 24 rounds when k = 2n. In the case of expanding Feistels, we consider two scenarios: one, where different nonlinear functions without particular structures are used in the round function, and a more practical one, where a single nonlinear is used but different linear functions are introduced in the state update. In the former case, we propose generic attacks on 13 rounds when k = n, and up to 21 rounds when k = 2n. In the latter case, 16 rounds can be attacked for k = n, and 24 rounds for k = 2n.

Sign in / Sign up

Export Citation Format

Share Document