Paper 2010/304

Cryptanalysis of the Compression Function of SIMD

Hongbo Yu and Xiaoyun Wang

Abstract

SIMD is one of the second round candidates of the SHA-3 competition hosted by NIST. In this paper, we present some results on the compression function of SIMD 1.1 (the tweaked version) using the modular difference method. For SIMD-256, We give a free-start near collision attack on the compression function reduced to 20 steps with complexity $2^{-107}$. And for SIMD-512, we give a free-start near collision attack on the 24-step compression function with complexity $2^{208}$. Furthermore, we give a distinguisher attack on the full compression function of SIMD-512 with complexity $2^{398}$. Our attacks are also applicable for the final compression function of SIMD.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
yuhongbo @ mail tsinghua edu cn
History
2010-05-25: received
Short URL
https://ia.cr/2010/304
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/304,
      author = {Hongbo Yu and Xiaoyun Wang},
      title = {Cryptanalysis of the Compression Function of {SIMD}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/304},
      year = {2010},
      url = {https://eprint.iacr.org/2010/304}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.