Paper 2008/048

Improved Cryptanalysis of APOP-MD4 and NMAC-MD4 using New Differential Paths

Donghoon Chang, Jaechul Sung, Seokhie Hong, and Sangjin Lee

Abstract

In case of security analysis of hash functions, finding a good collision-inducing differential paths has been only focused on. However, it is not clear how differential paths of a hash function influence the securities of schemes based on the hash function. In this paper, we show that any differential path of a hash function can influence the securities of schemes based on the hash function. We explain this fact with the MD4 hash function. We first show that APOP-MD4 with a nonce of fixed length can be analyzed efficiently with a new differential path. Then we improve the result of the key-recovery attack on NMAC-MD4 described by Fouque {\em et al.} \cite{FoLeNg07} by combining new differential paths. Our results mean that good hash functions should have the following property : \textit{It is computationally infeasible to find differential a path of hash functions with a high probability}.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
MD4Differential PathAPOPNMAC.
Contact author(s)
pointchang @ gmail com
History
2008-01-30: received
Short URL
https://ia.cr/2008/048
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2008/048,
      author = {Donghoon Chang and Jaechul Sung and Seokhie Hong and Sangjin Lee},
      title = {Improved Cryptanalysis of {APOP}-{MD4} and {NMAC}-{MD4} using New Differential Paths},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/048},
      year = {2008},
      url = {https://eprint.iacr.org/2008/048}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.