Paper 2006/478

Near-Collision Attack and Collision-Attack on Double Block Length Compression Functions based on the Block Cipher IDEA

Donghoon Chang

Abstract

IDEA is a block cipher designed by Xuejia Lai and James L. Massey and first described in 1991. IDEA does not vary the constant in its key schedule. In \cite{ChYu06}, Donghoon Chang and Moti Yung showed that there may be a weakness in hash functions based on a block cipher whose key schedule does not use various constants. Based on their result, we investigate the security of double block length (DBL) compression functions based on the block cipher IDEA, whose key size is 128 bits and whose block length is 64 bits. We use the double block length hash functions proposed by Shoichi Hirose at the second hash workshop in 2006 \cite{Hirose06}. We can then easily find a near-collision by hand. Moreover, for a constant $c$ of the DBL hash functions, we can find a collision by hand. This means that the constant $c$ may be used as a trapdoor that lets the attacker find collisions easily.

Metadata
Available format(s)
PDF PS
Publication info
Published elsewhere. Unknown where it was published
Keywords
Hash Function, Collision Attack, Near Collision Attack, Block Cipher, Double Block Length Hash Function, Constant, IDEA
Contact author(s)
pointchang @ gmail com
History
2006-12-24: revised
2006-12-24: received
Short URL
https://ia.cr/2006/478
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/478,
      author = {Donghoon Chang},
      title = {Near-Collision Attack and Collision-Attack on Double Block Length Compression Functions based on the Block Cipher IDEA},
      howpublished = {Cryptology ePrint Archive, Paper 2006/478},
      year = {2006},
      note = {\url{https://eprint.iacr.org/2006/478}},
      url = {https://eprint.iacr.org/2006/478}
}