scholarly journals Known-Key Distinguishing and Partial-Collision Attacks on GFN-2 with SP F-Function

2020 ◽  
Vol 2020 ◽  
pp. 1-8
Author(s):  
Deukjo Hong
Keyword(s):  
Distinguishing Attack ◽  
Collision Attack ◽  
Collision Attacks

We study known-key distinguishing and partial-collision attacks on GFN-2 structures with various block lengths in this paper. For 4-branch GFN-2, we present 15-round known-key distinguishing attack and 11-round partial-collision attack which improve previous results. We also present 17-round known-key distinguishing attack on 6-branch GFN-2 and 27-round known-key distinguishing attack on 8-branch GFN-2 and show that several partial-collision attacks are derived from them. Additionally, some attacks are valid under special conditions for the F-function.

scholarly journals Quantum Free-Start Collision Attacks on Double Block Length Hashing with Round-Reduced AES-256

2021 ◽  
pp. 316-336
Author(s):  
Amit Kumar Chauhan ◽  
Abhishek Kumar ◽  
Somitra Kumar Sanadhya
Keyword(s):  
Time Complexity ◽  
Block Length ◽  
Compression Function ◽  
Collision Attack ◽  
Classical Setting ◽  
Quantum Version ◽  
Collision Attacks ◽  
Double Block Length

Recently, Hosoyamada and Sasaki (EUROCRYPT 2020), and Xiaoyang Dong et al. (ASIACRYPT 2020) proposed quantum collision attacks against AES-like hashing modes AES-MMO and AES-MP. Their collision attacks are based on the quantum version of the rebound attack technique exploiting the differential trails whose probabilities are too low to be useful in the classical setting but large enough in the quantum setting. In this work, we present dedicated quantum free-start collision attacks on Hirose’s double block length compression function instantiated with AES-256, namely HCF-AES-256. The best publicly known classical attack against HCF-AES-256 covers up to 9 out of 14 rounds. We present a new 10-round differential trail for HCF-AES-256 with probability 2−160, and use it to find collisions with a quantum version of the rebound attack. Our attack succeeds with a time complexity of 285.11 and requires 216 qRAM in the quantum-attack setting, where an attacker can make only classical queries to the oracle and perform offline computations. We also present a quantum free-start collision attack on HCF-AES-256 with a time complexity of 286.07 which outperforms Chailloux, Naya-Plasencia, and Schrottenloher’s generic quantum collision attack (ASIACRYPT 2017) in a model when large qRAM is not available.

scholarly journals Collision Attacks on AES-192/256, Crypton-192/256, mCrypton-96/128, and Anubis

2013 ◽  
Vol 2013 ◽  
pp. 1-10 ◽  
Author(s):  
Jinkeon Kang ◽  
Kitae Jeong ◽  
Jaechul Sung ◽  
Seokhie Hong ◽  
Kyungho Lee
Keyword(s):  
Block Ciphers ◽  
Collision Attack ◽  
Collision Attacks

At AES’00, a collision attack on 7-round reduced AES was proposed. In this paper, we apply this idea to seven SPN block ciphers, AES-192/256, Crypton-192/256, mCrypton-96/128, and Anubis. Applying our attacks on AES-192/256, we improve the attack result based on meet-in-the-middle attack (AES-192) and the attack result proposed in AES’00 (AES-256), respectively. Our attack result on Anubis is superior to known cryptanalytic result on it. In the cases of Crypton-192/256 and mCrypton-96/128, our attacks are applicable to 8-round reduced versions. The attack results on mCrypton-96/128 are more practical than known cryptanalytic results on them.

scholarly journals A Novel Multiple-Bits Collision Attack Based on Double Detection with Error-Tolerant Mechanism

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Ye Yuan ◽  
Liji Wu ◽  
Yijun Yang ◽  
Xiangmin Zhang
Keyword(s):  
Collision Detection ◽  
Euclidean Distance ◽  
Hardware Implementation ◽  
Detection Method ◽  
Computation Time ◽  
Side Channel ◽  
Leakage Model ◽  
Collision Attack ◽  
Collision Attacks ◽  
High Computational Complexity

Side-channel collision attacks are more powerful than traditional side-channel attack without knowing the leakage model or establishing the model. Most attack strategies proposed previously need quantities of power traces with high computational complexity and are sensitive to mistakes, which restricts the attack efficiency seriously. In this paper, we propose a multiple-bits side-channel collision attack based on double distance voting detection (DDVD) and also an improved version, involving the error-tolerant mechanism, which can find all 120 relations among 16 key bytes when applied to AES (Advanced Encryption Standard) algorithm. In addition, we compare our collision detection method called DDVD with the Euclidean distance and the correlation-enhanced collision method under different intensity of noise, which indicates that our detection technique performs better in the circumstances of noise. Furthermore, 4-bit model of our collision detection method is proven to be optimal in theory and in practice. Meanwhile the corresponding practical attack experiments are also performed on a hardware implementation of AES-128 on FPGA board successfully. Results show that our strategy needs less computation time but more traces than LDPC method and the online time for our strategy is about 90% less than CECA and 96% less than BCA with 90% success rate.

scholarly journals New Semi-Free-Start Collision Attack Framework for Reduced RIPEMD-160

2019 ◽  
pp. 169-192
Author(s):  
Fukang Liu ◽  
Christoph Dobraunig ◽  
Florian Mendel ◽  
Takanori Isobe ◽  
Gaoli Wang ◽  
...  
Keyword(s):  
Hash Function ◽  
Time Complexity ◽  
Hash Functions ◽  
Stream Structure ◽  
Collision Attack ◽  
Time Period ◽  
Collision Attacks ◽  
Memory Complexity ◽  
New Framework

RIPEMD-160 is a hash function published in 1996, which shares similarities with other hash functions designed in this time-period like MD4, MD5 and SHA-1. However, for RIPEMD-160, no (semi-free-start) collision attacks on the full number of steps are known. Hence, it is still used, e.g., to generate Bitcoin addresses together with SHA-256, and is an ISO/IEC standard. Due to its dual-stream structure, even semifree- start collision attacks starting from the first step only reach 36 steps, which were firstly shown by Mendel et al. at Asiacrypt 2013 and later improved by Liu, Mendel and Wang at Asiacrypt 2017. Both of the attacks are based on a similar freedom degree utilization technique as proposed by Landelle and Peyrin at Eurocrypt 2013. However, the best known semi-free-start collision attack on 36 steps of RIPEMD-160 presented at Asiacrypt 2017 still requires 255.1 time and 232 memory. Consequently, a practical semi-free-start collision attack for the first 36 steps of RIPEMD-160 still requires a significant amount of resources. Considering the structure of these previous semi-free-start collision attacks for 36 steps of RIPEMD-160, it seems hard to extend it to more steps. Thus, we develop a different semi-free-start collision attack framework for reduced RIPEMD-160 by carefully investigating the message expansion of RIPEMD-160. Our new framework has several advantages. First of all, it allows to extend the attacks to more steps. Second, the memory complexity of the attacks is negligible. Hence, we were able to mount semi-free-start collision attacks on 36 and 37 steps of RIPEMD-160 with practical time complexity 241 and 249 respectively. Additionally, we describe semi-free-start collision attacks on 38 and 40 (out of 80) steps of RIPEMD-160 with time complexity 252 and 274.6, respectively. To the best of our knowledge, these are the best semi-free-start collision attacks for RIPEMD-160 starting from the first step with respect to the number of steps, including the first practical colliding message pairs for 36 and 37 steps of RIPEMD-160.

scholarly journals Quantum rebound attack to D-M structure based on ARIA algorithm

2021 ◽  
Vol 2078 (1) ◽  
pp. 012003
Author(s):  
Shanque Dou ◽  
Ming Mao ◽  
Yanjun Li ◽  
Dongying Qiu
Keyword(s):  
Quantum Computing ◽  
Hash Function ◽  
Block Cipher ◽  
Security Analysis ◽  
Hash Functions ◽  
Block Ciphers ◽  
Collision Attack ◽  
Cryptographic Algorithms ◽  
Collision Attacks ◽  
Quantum Technology

Abstract With the increasing application of quantum computing, quantum technology is increasingly used in the security analysis and research of multiple symmetric cryptographic algorithms such as block ciphers and hash functions. In 2020, Sasaki et al. proposed a dedicated quantum collision attack against hash functions in EUROCRYPT. Some differential trajectories with a probability of 2−2n/3 that cannot be used in the classical environment may be used to launch collision attacks in the quantum environment. The ARIA algorithm is a block cipher proposed by the Korean researcher Kwon et al. on ICISC 2003. The block cipher algorithm is similar to AES in structure. This article mainly analyzes the security of Davies-Meyer structure, and uses AIRA as the permutation function to construct ARIA hash function based on the DM hash model. A new AIRA differential path was found based on MILP, and 7 rounds of ARIA-DM hash function quantum rebound attacks were given.

Linear Distinguishing Attack on Shannon Algorithm

2011 ◽  
Vol 33 (1) ◽  
pp. 190-193
Author(s):  
Ya-qin Chang ◽  
Chen-hui Jin
Keyword(s):  
Distinguishing Attack

A new one-bit difference collision attack on HAVAL-128

2012 ◽  
Vol 55 (11) ◽  
pp. 2521-2529 ◽  
Author(s):  
WenYing Zhang ◽  
YanYan Li ◽  
Lei Wu
Keyword(s):  
Collision Attack
Sign in / Sign up

Export Citation Format

Share Document