Differential Attacks on Reduced RIPEMD-160

Florian Mendel, Tomislav Nad, Stefan Scherz, Martin Schläffer

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

In this work, we provide the first security analysis of reduced RIPEMD-160 regarding its collision resistance with practical complexity. The ISO/IEC standard RIPEMD-160 was proposed 15 years ago and may be used as a drop-in replacement for SHA-1 due to their same hash output length. Only few results have been published for RIPEMD-160 so far and most attacks have a complexity very close to the generic bound. In this paper, we present the first application of the attacks of Wang et al. on MD5 and SHA-1 to RIPEMD-160. Due to the dual-stream structure of RIPEMD-160 the application of these attacks is nontrivial and almost impossible without the use of automated tools. We present practical examples of semi-free-start near-collisions for the middle 48 steps (out of 80) and semi-free-start collisions for 36 steps of RIPEMD-160. Furthermore, our results show that the differential characteristics get very dense in RIPEMD-160 such that a full-round attack seems unlikely in the near future.
Original languageEnglish
Title of host publicationInformation Security
Place of PublicationBerlin; Heidelberg
PublisherSpringer
Pages23-38
ISBN (Print)978-3-642-33382-8
DOIs
Publication statusPublished - 2012
Event15th International Conference Information Security : ISC 2012 - Passau, Germany
Duration: 19 Sept 201221 Sept 2012

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume7483

Conference

Conference15th International Conference Information Security
Abbreviated titleISC 2012
Country/TerritoryGermany
CityPassau
Period19/09/1221/09/12

Fields of Expertise

  • Information, Communication & Computing

Fingerprint

Dive into the research topics of 'Differential Attacks on Reduced RIPEMD-160'. Together they form a unique fingerprint.
  • FWF - kryptographische Hashfu - Cryptanalysis of modern cryptographic hash functions II

    Nad, T. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)) & Rijmen, V. (Principal Investigator (PI))

    1/02/1031/01/13

    Project: Research project

  • EU - ECRYPT II - European network of excellence in cryptology - Phase II

    Schmidt, J.-M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Kirschbaum, M. (Co-Investigator (CoI)), Feldhofer, M. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Aigner, M. J. (Co-Investigator (CoI)), Rechberger, C. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Tillich, S. (Co-Investigator (CoI)), Medwed, M. (Co-Investigator (CoI)), Hutter, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)) & Posch, R. (Principal Investigator (PI))

    1/08/0831/01/13

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/9531/01/19

    Project: Research area

Cite this