Paper 2009/478

Pseudo-cryptanalysis of the Original Blue Midnight Wish

Søren S. Thomsen


The hash function Blue Midnight Wish (BMW) is a candidate in the SHA-3 competition organised by the U.S. National Institute of Standards and Technology (NIST). BMW was selected for the second round of the competition, but the algorithm was tweaked in a number of ways. In this paper we describe cryptanalysis on the original version of BMW, as submitted to the SHA-3 competition in October 2008. When we refer to BMW, we therefore mean the original version of the algorithm. The attacks described are (near-)collision, preimage and second preimage attacks on the BMW compression function. These attacks can also be described as pseudo-attacks on the full hash function, i.e., as attacks in which the adversary is allowed to choose the initial value of the hash function. The complexities of the attacks are about 2^{14} for the near-collision attack, about 2^{3n/8+1} for the pseudo-collision attack, and about 2^{3n/4+1} for the pseudo-(second) preimage attack, where n is the output length of the hash function. Memory requirements are negligible. Moreover, the attacks are not (or only moderately) affected by the choice of security parameter for BMW.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
hash function cryptanalysisSHA-3 competitionBlue Midnight Wishpseudo-attacks
Contact author(s)
s thomsen @ mat dtu dk
2009-09-29: received
Short URL
Creative Commons Attribution


      author = {Søren S.  Thomsen},
      title = {Pseudo-cryptanalysis of the Original Blue Midnight Wish},
      howpublished = {Cryptology ePrint Archive, Paper 2009/478},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.