Cryptology ePrint Archive: Report 2009/197

Practical pseudo-collisions for hash functions ARIRANG-224/384

Jian Guo and Krystian Matusiewicz and Lars R. Knudsen and San Ling and Huaxiong Wang

Abstract: In this paper we analyse the security of the SHA-3 candidate ARIRANG. We show that bitwise complementation of whole registers turns out to be very useful for constructing high-probability differential characteristics in the function. We use this approach to find near-collisions with Hamming weight 32 for the full compression function as well as collisions for the compression function of ARIRANG reduced to 26 rounds, both with complexity close to $2^0$ and memory requirements of only a few words. We use near-collisions for the compression function to construct pseudo-collisions for the complete hash functions ARIRANG-224 and ARIRANG-384 with complexity $2^{23}$ and close to $2^0$, respectively. We implemented the attacks and provide examples of appropriate pairs of $H, M$ values. We also provide possible configurations which may give collisions for step-reduced and full ARIRANG.

Category / Keywords: secret-key cryptography / practical pseudo-collision, step-reduced collision, ARIRANG

Publication Info: A previous version appears in SHA-3 Zoo

Date: received 6 May 2009, last revised 20 May 2009

Contact author: guojian at ntu edu sg


Version: 20090520:062019
