Preimage Attack on 23-Step Tiger
スポンサーリンク
概要
- 論文の詳細を見る
This paper evaluates the preimage resistance of the Tiger hash function. To our best knowledge, the maximum number of the attacked steps is 17 among previous preimage attacks on Tiger, where the full version has 24 steps. Our attack will extend the number of the attacked steps to 23. The main contribution is a pseudo-preimage attack on the compression function up to 23 steps with a complexity of 2181 following the meet-in-the-middle approach. This attack can be converted to a preimage attack on 23-step Tiger hash function with a complexity of 2187.5. The memory requirement of our attack is 222 words. A Tiger digest has 192bits. Therefore, our attacks are faster than the exhaustive search.
- 2011-01-01
著者
-
WANG Lei
University of Electro-Communications
-
Sasaki Yu
Ntt Information Sharing Platform Laboratories Ntt Corporation
-
Sasaki Yu
Ntt Information Sharing Platform Laboratories Ntt Corp.
-
Sasaki Yu
Ntt Informating Sharing Platform Laboratories Ntt Corporation
関連論文
- Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- Security of Cryptosystems Using Merkle-Damgård in the Random Oracle Model
- Preimage Attack on 23-Step Tiger
- Standard Deviation and Intra Prediction Mode Based Adaptive Spatial Error Concealment (SEC) in H.264/AVC
- Variable Block Size Motion Vector Retrieval Schemes for H.264 Inter Frame Error Concealment
- Cryptanalysis of Two MD5-Based Authentication Protocols : APOP and NMAC
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- New Message Differences for Collision Attacks on MD4 and MD5
- Preimage Attack on 23-Step Tiger
- Near-Collision Attacks on MD4 : Applied to MD4-Based Protocols
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Cryptanalyses of Double-Mix Merkle-Damgard Mode in the Original Version of AURORA-512
- De-embedding of On-Chip Inductor at Millimeter-Wave Range
- Preimage Attacks against PKC98-Hash and HAS-V
- Preimage Attacks on the Step-Reduced RIPEMD-128 and RIPEMD-160
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Preimage Attacks on the Step-Reduced RIPEMD-128 and RIPEMD-160