Cryptology ePrint Archive: Report 2018/374

Functional Graphs and Their Applications in Generic Attacks on Iterated Hash Constructions

Zhenzhen Bao and Jian Guo and Lei Wang

Abstract: We provide a survey about generic attacks on cryptographic hash constructions including hash-based message authentication codes and hash combiners.

We look into attacks involving iteratively evaluating identical mappings many times. The functional graph of a random mapping also involves iteratively evaluating the mapping. These attacks essentially exploit properties of the functional graph. We map the utilization space of those properties from numerous proposed known attacks, draw a comparison among classes of attacks about their advantages and limitations.

We provide a systematic exposition of concepts of cycles, deep-iterate images, collisions and their roles in cryptanalysis of iterated hash constructions. We identify the inherent relationship between these concepts, such that case-by-case theories about them can be unified into one knowledge system, that is, theories on the functional graph of random mappings. We show that the properties of the cycle search algorithm, the chain evaluation algorithm and the collision search algorithm can be described based on statistic results on the functional graph. Thereby, we can provide different viewpoints to support previous beliefs on individual knowledge.

In that, we invite more sophisticated analysis of the functional graph of random mappings and more future exploitations of its properties in cryptanalysis.

Category / Keywords: secret-key cryptography / Functional graph, Hash-based MAC, Hash combiner, Cycle, Deep-iterate image, Collision, State recovery attack, Forgery attack, (Second) Preimage attack

Original Publication (with minor differences): IACR-FSE-2018

Date: received 24 Apr 2018

Contact author: baozhenzhen10 at gmail com

Available format(s): PDF | BibTeX Citation

Note: Revise Lemma 4 and Lemma 6 in the ToSC volume 2018, issue 1 version [BGW18]

Version: 20180430:210221 (All versions of this report)

Short URL: ia.cr/2018/374


[ Cryptology ePrint archive ]