You are looking at a specific version 20090311:015627 of this paper.
See the latest version.
Paper 2009/112
A 2nd-Preimage Attack on AURORA-512
Yu Sasaki
Abstract
In this note, we present a 2nd-preimage attack on AURORA-512, which is one of the candidates for SHA-3. Our attack can generate 2nd-preimages of any given message, in particular, the attack complexity becomes optimal when the message length is 9 blocks or more. In such a case, the attack complexity is approximately $2^{290}$ AURORA-512 operations, which is less than the brute force attack on AURORA-512, namely, $2^{512-\log_2{9}}\approx2^{508}$. Our attack exploits some weakness in the mode of operation.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- AURORADMMD2nd-preimagemulti-collision
- Contact author(s)
- sasaki yu @ lab ntt co jp
- History
- 2009-03-11: received
- Short URL
- https://ia.cr/2009/112
- License
-
CC BY