Paper 2009/197

Practical pseudo-collisions for hash functions ARIRANG-224/384

Jian Guo, Krystian Matusiewicz, Lars R. Knudsen, San Ling, and Huaxiong Wang

Abstract

In this paper we analyse the security of the SHA-3 candidate ARIRANG. We show that bitwise complementation of whole registers turns out to be very useful for constructing high-probability differential characteristics in the function. We use this approach to find near-collisions with Hamming weight 32 for the full compression function as well as collisions for the compression function of ARIRANG reduced to 26 rounds, both with complexity close to $2^0$ and memory requirements of only a few words. We use near collisions for the compression function to construct pseudo-collisions for the complete hash functions ARIRANG-224 and ARIRANG-384 with complexity $2^{23}$ and close to $2^0$, respectively. We implemented the attacks and provide examples of appropriate pairs of $H,M$ values. We also provide possible configurations which may give collisions for step-reduced and full ARIRANG.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. A previous version appears in SHA-3 Zoo
Keywords
practical pseudo-collisionstep-reduced collisionARIRANG
Contact author(s)
guojian @ ntu edu sg
History
2009-05-20: last of 3 revisions
2009-05-20: received
See all versions
Short URL
https://ia.cr/2009/197
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/197,
      author = {Jian Guo and Krystian Matusiewicz and Lars R.  Knudsen and San Ling and Huaxiong Wang},
      title = {Practical pseudo-collisions for hash functions ARIRANG-224/384},
      howpublished = {Cryptology ePrint Archive, Paper 2009/197},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/197}},
      url = {https://eprint.iacr.org/2009/197}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.