Attacks on hash functions based on generalized Feistel: Application to reduced-round Lesamnta and SHAvite-3 512

Charles Bouillaguet, Orr Dunkelman, Gaëtan Leurent, Pierre-Alain Fouque

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

Abstract

In this paper we study the strength of two hash functions which are based on Generalized Feistels. We describe a new kind of attack based on a cancellation property in the round function. This new technique allows us to efficiently use the degrees of freedom available to attack a hash function. Using the cancellation property, we can avoid the non-linear parts of the round function, at the expense of some degrees of freedom. Our attacks are mostly independent of the round function in use, and can be applied to similar hash functions which share the same structure but have different round functions. We start with a 22-round generic attack on the structure of Lesamnta, and adapt it to the actual round function to attack 24-round Lesamnta (the full function has 32 rounds). We follow with an attack on 9-round SHAvite-3 512 which also works for the tweaked version of SHAvite-3 512.

Original language: English
Title of host publication: Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers
Pages: 18-35
Number of pages: 18
State: Published - 2011
Externally published: Yes
Event: 17th International Workshop on Selected Areas in Cryptography, SAC 2010 - Waterloo, ON, Canada
Duration: 12 Aug 2010 - 13 Aug 2010

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 6544 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 17th International Workshop on Selected Areas in Cryptography, SAC 2010
Country/Territory: Canada
City: Waterloo, ON
Period: 12/08/10 - 13/08/10

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
