Paper 2024/300
Diving Deep into the Preimage Security of AES-like Hashing
Abstract
Since the seminal works by Sasaki and Aoki, Meet-in-the-Middle (MITM) attacks are recognized as an effective technique for preimage and collision attacks on hash functions. At Eurocrypt 2021, Bao et al. automated MITM attacks on AES-like hashing and improved upon the best manual result. The attack framework has been furnished by subsequent works, yet far from complete. This paper elucidates three key contributions dedicated in further generalizing the idea of MITM and refining the automatic model on AES-like hashing. (1) We introduce S-box linearization to MITM pseudo-preimage attacks on AES-like hashing. The technique suits perfectly with superposition states to preserve information after S-box with an affordable cost. (2) We propose distributed initial structures, an extension on the original concept of initial states, that selects initial degrees of freedom in a more versatile manner to enlarge the search space. (3) We exploit the structural similarities between encryption and key schedule in constructions (e.g. Whirlpool and Streebog) to model propagations more accurately and avoid repeated costs. Weaponed with these innovative techniques, we further empower the MITM framework and improve the attack results on AES-like designs for preimage and collision. We obtain the first preimage attacks on 10-round AES-192, 10-round Rijndael-192/256, and 7.75-round Whirlpool, reduced time and/or memory complexities for preimage attacks on 5-, 6-round Whirlpool and 7.5-, 8.5-round Streebog, as well as improved collision attacks on 6- and 6.5-round Whirlpool.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- A minor revision of an IACR publication in EUROCRYPT 2024
- Keywords
- Meet-in-the-MiddlePreimage AttackAESRijndaelWhirlpoolStreebog
- Contact author(s)
-
shiyao chen @ ntu edu sg
guojian @ ntu edu sg
elist @ posteo de
shidanping @ iie ac cn
tianyu005 @ e ntu edu sg - History
- 2024-03-11: revised
- 2024-02-22: received
- See all versions
- Short URL
- https://ia.cr/2024/300
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2024/300, author = {Shiyao Chen and Jian Guo and Eik List and Danping Shi and Tianyu Zhang}, title = {Diving Deep into the Preimage Security of {AES}-like Hashing}, howpublished = {Cryptology {ePrint} Archive, Paper 2024/300}, year = {2024}, url = {https://eprint.iacr.org/2024/300} }