Cryptology ePrint Archive: Report 2014/1012

The Boomerang Attacks on BLAKE and BLAKE2

Yonglin Hao

Abstract: n this paper, we study the security margins of hash functions BLAKE and BLAKE2 against the boomerang attack. We launch boomerang attacks on all four members of BLAKE and BLAKE2, and compare their complexities. We propose 8.5-round boomerang attacks on both BLAKE-512 and BLAKE2b with complexities $2^{464}$ and $2^{474}$ respectively. We also propose 8-round attacks on BLAKE-256 with complexity $2^{198}$ and 7.5-round attacks on BLAKE2s with complexity $2^{184}$. We verify the correctness of our analysis by giving practical 6.5-round Type I boomerang quartets for each member of BLAKE and BLAKE2.

According to our analysis, some tweaks introduced by BLAKE2 have increased its resistance against boomerang attacks to a certain extent. But on the whole, BLAKE still has higher a secure margin than BLAKE2.

Category / Keywords: secret-key cryptography / Cryptanalysis, Boomerang, BLAKE, BLAKE2, Message Modification, Differential Characteristics

Original Publication (with minor differences): Inscrypt 2014

Date: received 18 Dec 2014

Contact author: haoyl14 at mails tsinghua edu cn

Available format(s): PDF | BibTeX Citation

Note: My first study on Hash Functions

Version: 20141226:230724 (All versions of this report)

Short URL: ia.cr/2014/1012

Discussion forum: Show discussion | Start new discussion