Cryptology ePrint Archive: Report 2015/151

Bad directions in cryptographic hash functions

Daniel J. Bernstein and Andreas Hülsing and Tanja Lange and Ruben Niederhagen

Abstract: A 25-gigabyte "point obfuscation" challenge "using security parameter 60" was announced at the Crypto 2015 rump session; "point obfuscation" is another name for password hashing. This paper shows that the particular matrix-multiplication hash function used in the challenge is much less secure than previous password-hashing functions are believed to be. This paper's attack algorithm broke the challenge in just 19 minutes using a cluster of 21 PCs.

Category / Keywords: secret-key cryptography / symmetric cryptography, hash functions, password hashing, point obfuscation, matrix multiplication, meet-in-the-middle attacks, meet-in-many-middles attacks

Date: received 23 Feb 2015

Contact author: authorcontact-obviouscation at box cr yp to

Available format(s): PDF | BibTeX Citation

Version: 20150227:213115 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]