Paper 2015/959
Cryptanalysis of the Round-Reduced Kupyna Hash Function
Jian Zou and Le Dong
Abstract
The Kupyna hash function was selected as the new Ukrainian standard DSTU 7564:2014 in 2015. It is designed to replace the old Independent States (CIS) standard GOST 34.311-95. The Kupyna hash function is an AES-based primitive, which uses Merkle-Damgård compression function based on Even-Mansour design. In this paper, we show the first cryptanalytic attacks on the round-reduced Kupyna hash function. Using the rebound attack, we present a collision attack on 5-round of the Kupyna-256 hash function. The complexity of this collision attack is ($2^{120},2^{64}$) (in time and memory). Furthermore, we use guess-and-determine MitM attack to construct pseudo-preimage attacks on 6-round Kupyna-256 and Kupyna-512 hash function, respectively. The complexity of these preimage attacks are ($2^{250.33},2^{250.33}$) and ($2^{498.33},2^{498.33}$) (in time and memory), respectively.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Kupynapreimage attackcollision attackrebound attackmeet-in-the-middleguess-and-determine
- Contact author(s)
- zoujian @ fzu edu cn
- History
- 2015-10-02: received
- Short URL
- https://ia.cr/2015/959
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/959, author = {Jian Zou and Le Dong}, title = {Cryptanalysis of the Round-Reduced Kupyna Hash Function}, howpublished = {Cryptology {ePrint} Archive, Paper 2015/959}, year = {2015}, url = {https://eprint.iacr.org/2015/959} }