Paper 2018/509

Improved Collision Attack on Reduced RIPEMD-160

Fukang Liu, Gaoli Wang, and Zhenfu Cao

Abstract

In this paper, we propose a new cryptanalysis method to mount collision attack on RIPEMD-160. Firstly, we review two existent cryptanalysis methods to mount (semi-free-start) collision attack on MD-SHA hash family and briefly explain their advantages and disadvantages. To make the best use of the advantages of the two methods, we come up with a new method to find a collision. Applying the new technique, we improve the only existent collision attack on the first 30-step RIPEMD-160 presented at Asiacrypt 2017 by a factor of $2^{13}$. Moreover, our new method is much simpler than that presented at Asiacrypt 2017 and there is no need to do the sophisticated multi-step modification even though we mount collision attack until the second round. Besides, we further evaluate the pros and cons of the new method and describe how to carefully apply it in future research. We also implement this attack in C++ and can find the message words to ensure the dense right branch with time complexity $2^{28}$.

Note: Add one more bit condition on $m_{14}$.