Memoryless Related-Key Boomerang Attack on the Full Tiger Block Cipher

Authors:
Ewan Fleischmann;Michael Gorski;Stefan Lucks
Affiliations:
Bauhaus-University Weimar, Germany;Bauhaus-University Weimar, Germany;Bauhaus-University Weimar, Germany
Venue:
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Year:
2009

Citing 10
Cited 1

A Design Principle for Hash Functions

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of DES-like Cryptosystems

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
TIGER: A Fast New Hash Function

Proceedings of the Third International Workshop on Fast Software Encryption
Unbalanced Feistel Networks and Block Cipher Design

Proceedings of the Third International Workshop on Fast Software Encryption
The Boomerang Attack

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Cryptanalysis of the tiger hash function

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Update on tiger

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Collisions and near-collisions for reduced-round tiger

FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Related-Key boomerang and rectangle attacks

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Γ-MAC[H, P]: a new universal MAC scheme

WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present the first attack on the full 24 round internal block cipher of Tiger [1]. Tiger is a hash function proposed by Biham and Anderson at FSE'96. It takes about ten years until the first cryptanalytic result was presented by Kelsey and Lucks [10] at FSE'06. Up to now, the best known attack on the internal block cipher of Tiger is able to break 22 rounds. Our attack on the full 24 rounds of the Tiger block cipher has a data complexity of 23.5 chosen plaintexts and ciphertexts, which can be called memoryless. This is since we do not have to store all the data generated in our attack. The time complexity is about 2259.5 24-round Tiger encryptions. Moreover, we have further reduced the time complexity using a bit fixing technique to 2195.5 24-round encryptions.