Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n

Mario Lamberger, Florian Mendel

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

The recently started SHA-3 competition in order to find a new secure hash standard and thus a replacement for SHA-1/SHA-2 has attracted a lot of interest in the academic world as well as in industry. There are 51 round one candidates building on sometimes very different principles.

In this paper, we show how to attack two of the 51 round one hash functions. The attacks have in common that they exploit structural weaknesses in the design of the hash function and are independent of the underlying compression function. First, we present a preimage attack on the hash function Blender-n. It has a complexity of about n·2n/2 and negligible memory requirements. Secondly, we show practical collision and preimage attacks on DCH-n. To be more precise, we can trivially construct a (28 + 2)-block collision for DCH-n and a 1297-block preimage with only 521 compression function evaluations. The attacks on both hash functions work for all output sizes and render the hash functions broken.
Original languageEnglish
Title of host publicationInformation Security
Subtitle of host publication12th International Conference, ISC 2009 Pisa, Italy, September 7-9, 2009 Proceedings
EditorsPierangela Samarati, Moti Yung, Fabio Martinelli, Claudio Agostino Ardagna
Place of PublicationBerlin; Heidelberg
PublisherSpringer
Pages68-78
ISBN (Print)3-642-04473-5
DOIs
Publication statusPublished - 2009
Event12th International Information Security Conference: ISC 2009 - Pisa, Italy
Duration: 7 Sept 20099 Sept 2009

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume5735

Conference

Conference12th International Information Security Conference
Abbreviated titleISC 2009
Country/TerritoryItaly
CityPisa
Period7/09/099/09/09

Fingerprint

Dive into the research topics of 'Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n'. Together they form a unique fingerprint.
  • EU - ECRYPT II - European network of excellence in cryptology - Phase II

    Schmidt, J., Nad, T., Kirschbaum, M., Feldhofer, M., Schläffer, M., Aigner, M. J., Rechberger, C., Lamberger, M., Tillich, S., Medwed, M., Hutter, M., Rijmen, V., Mendel, F. & Posch, R.

    1/08/0831/01/13

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/9531/01/19

    Project: Research area

Cite this