A Distinguisher for the Compression Function of SIMD-512

Tomislav Nad, Florian Mendel

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

SIMD is one of the round 2 candidates of the public SHA-3 competition hosted by NIST. It was designed by Leurent et al. In this paper, we present a distinguisher attack on the compression function of SIMD-512. By linearizing the compression function we construct a linear code. Using techniques from coding theory to search for low Hamming weight codewords, we can find differential characteristics with low Hamming weight (and hence high probability). In the attack the differences are introduced only in the IV. Such a characteristic is the base for our distinguisher, which can distinguish the compression function of SIMD-512 from random with a complexity of 5·2^425.28 compression function calls. Furthermore, we can distinguish the output transformation of SIMD-512 from random with a complexity of about 22·2^425.28 compression function calls. So far this is the first cryptanalytic result for the SIMD hash function.
Original language: English
Title of host publication: Progress in Cryptology - INDOCRYPT 2009
Editors: Bimal Roy, Nicolas Sendrier
Place of Publication: Berlin; Heidelberg
Publisher: Springer
Pages: 219-232
ISBN (Print): 978-3-642-10627-9
Publication status: Published - 2009
Event: 10th International Conference on Cryptology in India: INDOCRYPT 2009 - New Delhi, India
Duration: 13 Dec 2009 – 16 Dec 2009

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer
Volume: 5922

Conference

Conference: 10th International Conference on Cryptology in India
Abbreviated title: INDOCRYPT 2009
Country/Territory: India
City: New Delhi
Period: 13/12/09 – 16/12/09

Fields of Expertise

  • Information, Communication & Computing

  • EU - ECRYPT II - European network of excellence in cryptology - Phase II

    Schmidt, J.-M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Kirschbaum, M. (Co-Investigator (CoI)), Feldhofer, M. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Aigner, M. J. (Co-Investigator (CoI)), Rechberger, C. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Tillich, S. (Co-Investigator (CoI)), Medwed, M. (Co-Investigator (CoI)), Hutter, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)) & Posch, R. (Principal Investigator (PI))

    1/08/08 – 31/01/13

    Project: Research project

  • FWF - Kryptoanalyse - Cryptanalysis by means of numerical methods

    Mendel, F. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rechberger, C. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)) & Rijmen, V. (Principal Investigator (PI))

    1/10/07 – 30/09/09

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/95 – 31/01/19

    Project: Research area
