You are looking at a specific version 20220209:084838 of this paper.
See the latest version.
Paper 2022/118
Streebog compression function as PRF in secret-key settings
Vitaly Kiryukhin
Abstract
Security of the many keyed hash-based cryptographic constructions (such as HMAC) depends on the fact that the underlying compression function $g(H,M)$ is a pseudorandom function (PRF). This paper presents key-recovery algorithms for 7 rounds (of 12) of Streebog compression function. Two cases were considered, as a secret key can be used: the previous state $H$ or the message block $M$. The proposed methods implicitly show that Streebog compression function has a large security margin as PRF in the above-mentioned secret-key settings.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Minor revision. CTCrypt 2021 - 10th Workshop on Current Trends in Cryptology, June 1–4, 2021 Moscow region
- Keywords
- StreebogPRFtruncated differentialsreboundpolytopic cryptanalysis
- Contact author(s)
- Vitaly Kiryukhin @ infotecs ru
- History
- 2022-02-09: received
- Short URL
- https://ia.cr/2022/118
- License
-
CC BY