Chaff: engineering an efficient SAT solver
Proceedings of the 38th annual Design Automation Conference
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Applications of SAT solvers to cryptanalysis of hash functions
SAT'06 Proceedings of the 9th international conference on Theory and Applications of Satisfiability Testing
Fast Software Encryption
Preimage Attacks on Step-Reduced MD5
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
A Preimage Attack for 52-Step HAS-160
Information Security and Cryptology --- ICISC 2008
Preimage Attack on Hash Function RIPEMD
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Input generation via decomposition and re-stitching: finding bugs in Malware
Proceedings of the 17th ACM conference on Computer and communications security
Improved preimage attack on one-block MD4
Journal of Systems and Software
Hi-index | 0.00 |
Inverting a function f at a given point y in its range involves finding any x in the domain such that f(x) = y. This is a general problem. We wish to find a heuristic for inverting those functions which satisfy certain statistical properties similar to those of random functions. As an example, we choose popular secure hash functions which are expected to be hard to invert and any successful strategy to do so will be quite useful. This provides an excellent challenge for SAT solvers. We first find the limits of inverting via direct encoding of these functions as SAT: for MD4 this is one round and twelve steps and for MD5 it is one round and ten steps. Then, we show that by adding customized constraints obtained by modifying an earlier attack by Dobbertin, we can invert MD4 up to 2 rounds and 7 steps in