Cryptology ePrint Archive: Report 2009/634

Attacks on Hash Functions based on Generalized Feistel - Application to Reduced-Round Lesamnta and SHAvite-3_{512}

Charles Bouillaguet and Orr Dunkelman and Gaëtan Leurent and Pierre-Alain Fouque

Abstract: In this paper we study the strength of two hash functions which are based on Generalized Feistels. Our proposed attacks themselves are mostly independent of the round function in use, and can be applied to similar hash functions which share the same structure but have different round functions.

We start with a 22-round generic attack on the structure of Lesamnta, and adapt it to the actual round function to attack 24-round Lesamnta. We then show a generic integral attack on 20-round Lesamnta (which can be used against the block cipher itself). We follow with an attack on 9-round SHAvite-3_{512} which is the first cryptanalytic result on the hash function (which also works for the tweaked version of SHAvite-3_{512}).

Category / Keywords: secret-key cryptography / Lesamnta, SHAvite-3, Cancellation Attack

Date: received 27 Dec 2009, last revised 22 Aug 2010

Contact author: orr dunkelman at weizmann ac il, charles bouillaguet@ens fr, gaetan leurent@ens fr