Paper 2009/197

Practical pseudo-collisions for hash functions ARIRANG-224/384

Jian Guo, Krystian Matusiewicz, Lars R. Knudsen, San Ling, and Huaxiong Wang

Abstract

In this paper we analyse the security of the SHA-3 candidate ARIRANG. We show that bitwise complementation of whole registers turns out to be very useful for constructing high-probability differential characteristics in the function. We use this approach to find near-collisions with Hamming weight 32 for the full compression function as well as collisions for the compression function of ARIRANG reduced to 26 rounds, both with complexity close to 20 and memory requirements of only a few words. We use near collisions for the compression function to construct pseudo-collisions for the complete hash functions ARIRANG-224 and ARIRANG-384 with complexity 223 and close to 20, respectively. We implemented the attacks and provide examples of appropriate pairs of H,M values. We also provide possible configurations which may give collisions for step-reduced and full ARIRANG.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. A previous version appears in SHA-3 Zoo
Keywords
practical pseudo-collisionstep-reduced collisionARIRANG
Contact author(s)
guojian @ ntu edu sg
History
2009-05-20: last of 3 revisions
2009-05-20: received
See all versions
Short URL
https://ia.cr/2009/197
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/197,
      author = {Jian Guo and Krystian Matusiewicz and Lars R.  Knudsen and San Ling and Huaxiong Wang},
      title = {Practical pseudo-collisions for hash functions {ARIRANG}-224/384},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/197},
      year = {2009},
      url = {https://eprint.iacr.org/2009/197}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.