Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
How easy is collision search? Application to DES
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
A known-plaintext attack on two-key triple encryption
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Parallel collision search with application to hash functions and discrete logarithms
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Other Cycling Tests for DES (Abstract)
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
How Easy is Collision Search. New Results and Applications to DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Information Processing Letters
Journal of Algorithms
The Full Cost of Cryptanalytic Attacks
Journal of Cryptology
On the Strength of the Concatenated Hash Combiner When All the Hash Functions Are Weak
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
On diffie-hellman key agreement with short exponents
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Birthday paradox for multi-collisions
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Multicollision Attacks on Some Generalized Sequential Hash Functions
IEEE Transactions on Information Theory
Time space tradeoffs for attacks against one-way functions and PRGs
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Preimage attacks against PKC98-Hash and HAS-V
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
A tutorial on high performance computing applied to cryptanalysis
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
| Hi-index | 0.00 |
An r -collision for a function is a set of r distinct inputs with identical outputs. Actually finding r -collisions for a random map over a finite set of cardinality N requires at least about N (r *** 1)/r units of time on a sequential machine. For r =2, memoryless and well-parallelizable algorithms are known. The current paper describes memory-efficient and parallelizable algorithms for r *** 3. The main results are: (1) A sequential algorithm for 3-collisions, roughly using memory N *** and time N 1 *** *** for *** ≤ 1/3. In particular, given N 1/3 units of storage, one can find 3-collisions in time N 2/3. (2) A parallelization of this algorithm using N 1/3 processors running in time N 1/3, where each single processor only needs a constant amount of memory. (3) A generalisation of this second approach to r -collisions for r *** 3: given N s parallel processors, with s ≤ (r *** 2)/r , one can generate r -collisions roughly in time N ((r *** 1)/r ) *** s , using memory N ((r *** 2)/r ) *** s on every processor.