Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Switching Closure Test to Analyze Cryptosystems
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
TIGER: A Fast New Hash Function
Proceedings of the Third International Workshop on Fast Software Encryption
Preimages for Reduced-Round Tiger
Research in Cryptology
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Two Passes of Tiger Are Not One-Way
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
Preimage Attacks on Reduced Tiger and SHA-2
Fast Software Encryption
Preimage Attacks on One-Block MD4, 63-Step MD5 and More
Selected Areas in Cryptography
Cryptanalysis of the tiger hash function
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Collisions and near-collisions for reduced-round tiger
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Hi-index | 0.00 |
This paper evaluates the preimage resistance of the Tiger hash function. We will propose a pseudo-preimage attack on its compression function up to 23 steps with a complexity of 2181, which can be converted to a preimage attack on 23-step Tiger hash function with a complexity of 2187.5. The memory requirement of these attacks is 222 words. Our pseudo-preimage attack on the Tiger compression function adopts the meet-in-the-middle approach. We will divide the computation of the Tiger compression function into two independent parts. This enables us to transform the target of finding a pseudo-preimage to another target of finding a collision between two independent sets of some internal state, which will reduce the complexity. In order to maximize the number of the attacked steps, we derived several properties or weaknesses in both the key schedule function and the step function of the Tiger compression function, which gives us more freedom to separate the Tiger compression function.