Whirlpool is a hash function based on a block cipher that can be seen as a scaled-up variant of the AES. The main difference is its key schedule, which is extremely conservative compared to that of AES. In this work, we present a distinguishing attack on the full compression function of Whirlpool. We obtain this result by improving the rebound attack on reduced Whirlpool with two new techniques. First, the inbound phase of the rebound attack is extended by up to two rounds using the available degrees of freedom of the key schedule. This results in a near-collision attack on 9.5 rounds of the compression function of Whirlpool with a complexity of 2^176 and negligible memory requirements. Second, we show how to turn this near-collision attack into a distinguishing attack for the full 10-round compression function of Whirlpool. This is the first result on the full Whirlpool compression function.