Handbook of Applied Cryptography
Handbook of Applied Cryptography
HAS-V: A New Hash Function with Variable Output Length
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
RIPEMD-160: A Strengthened Version of RIPEMD
Proceedings of the Third International Workshop on Fast Software Encryption
Proceedings of the Third International Workshop on Fast Software Encryption
The RIPEMD and RIPEMD Improved Variants of MD4 Are Not Collision Free
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Fast Software Encryption
Preimages for Reduced SHA-0 and SHA-1
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Preimage Attacks on 3, 4, and 5-Pass HAVAL
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Preimage Attack on Hash Function RIPEMD
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Preimage Attacks on 3-Pass HAVAL and Step-Reduced MD5
Selected Areas in Cryptography
Weaknesses in the HAS-V compression function
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
A meet-in-the-middle collision attack against the new FORK-256
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
On the collision resistance of RIPEMD-160
ISC'06 Proceedings of the 9th international conference on Information Security
A new dedicated 256-bit hash function: FORK-256
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
(Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Preimage attacks on full-ARIRANG
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Preimage attacks on step-reduced RIPEMD-128 and RIPEMD-160
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Distinguishing attacks on LPMAC based on the full RIPEMD and reduced-step RIPEMD-{256, 320}
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Improved preimage attack on one-block MD4
Journal of Systems and Software
Preimage attacks on Full-ARIRANG: analysis of DM-Mode with middle feed-forward
WISA'11 Proceedings of the 12th international conference on Information Security Applications
Distinguishers beyond three rounds of the RIPEMD-128/-160 compression functions
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
| Hi-index | 0.00 |
We describe preimage attacks on several double-branch hash functions. We first present meet-in-the-middle preimage attacks on RIPEMD, whose output length is 128 bits and internal state size is 256 bits. With this internal state size, a straightforward application of the meet-in-the-middle attack will cost the complexity of at least 2128, which gives no advantage compared to the brute force attack. We show two attacks on RIPEMD. The first attack finds pseudo-preimages and preimages of the first 33 steps with complexities of 2121 and 2125.5, respectively. The second attack finds pseudo-preimages and preimages of the intermediate 35 steps with complexities of 296 and 2113, respectively. We next present meet-in-the-middle preimage attacks on full Extended MD4, reduced RIPEMD-256, and reduced RIPEMD-320. The best known attack for these is the brute force attack. We show how to find preimages more efficiently on these hash functions.