Cryptology ePrint Archive: Report 2007/277

Cryptanalysis of a class of cryptographic hash functions

Praveen Gauravaram and John Kelsey

Abstract: We apply new cryptanalytical techniques to perform the generic multi-block multicollision, second preimage and herding attacks on the Damg{\aa}rd-Merkle hash functions with linear-XOR/additive checksums. The computational work required to perform these attacks on the Damg{\aa}rd-Merkle hash functions with linear-XOR/additive checksum of message blocks (GOST), intermediate states (\textbf{3C}, MAELSTROM-0, F-Hash) or both is only a little more than what is required on the Damg{\aa}rd-Merkle hash functions. Our generic attacks on GOST answers the open question of Hoch and Shamir at FSE 2006 on the security of the iterated hash functions with the linear mixing of message blocks.

Category / Keywords: Cryptographic hash functions

Date: received 19 Jul 2007, last revised 16 Nov 2007

Contact author: p gauravaram at gmail com

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: Any comments on the paper are welcome.

Version: 20071116:133913 (All versions of this report)

Discussion forum: Show discussion | Start new discussion