Paper 2017/534

Functional Graph Revisited: Updates on (Second) Preimage Attacks on Hash Combiners

Zhenzhen Bao, Lei Wang, Jian Guo, and Dawu Gu


This paper studies functional-graph-based (second) preimage attacks against hash combiners. By exploiting more properties of cyclic nodes of functional graph, we find an improved preimage attack against the XOR combiner with a complexity of $2^{5n/8}$, while the previous best-known complexity is $2^{2n/3}$. Moreover, we find the first generic second-preimage attack on Zipper hash with an optimal complexity of $2^{3n/5}$.

Note: Full version, revise the content regarding the expected number of trials reaching deep-iterates simultaneously

Available format(s)
Publication info
A minor revision of an IACR publication in CRYPTO 2017
Hash CombinerFunctional GraphXOR CombinerZipper Hash(Second) Preimage Attack
Contact author(s)
wanglei_hb @ sjtu edu cn
2017-08-19: revised
2017-06-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Zhenzhen Bao and Lei Wang and Jian Guo and Dawu Gu},
      title = {Functional Graph Revisited: Updates on (Second) Preimage Attacks on Hash Combiners},
      howpublished = {Cryptology ePrint Archive, Paper 2017/534},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.