Cryptology ePrint Archive: Report 2010/198

The Rebound Attack and Subspace Distinguishers: Application to Whirlpool

Mario Lamberger and Florian Mendel and Christian Rechberger and Vincent Rijmen and Martin Schläffer

Abstract: We introduce the rebound attack as a variant of differential cryptanalysis on hash functions and apply it to the hash function Whirlpool, standardized by ISO/IEC. We give attacks on reduced variants of the Whirlpool hash function and the Whirlpool compression function. Next, we introduce the subspace problems as generalizations of near-collision resistance. Finally, we present distinguishers based on the rebound attack, that apply to the full compression function of Whirlpool and the underlying block cipher $W$.

Category / Keywords: secret-key cryptography / hash functions, cryptanalysis, near-collision, distinguisher

Publication Info: Submitted to a journal

Date: received 9 Apr 2010

Contact author: mario lamberger at iaik tugraz at

Available formats: PDF | BibTeX Citation

Version: 20100409:151913 (All versions of this report)

Discussion forum: Show discussion | Start new discussion