Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Handbook of Applied Cryptography
Handbook of Applied Cryptography
The Design of Rijndael
Preimages for Reduced-Round Tiger
Research in Cryptology
A Meet-in-the-Middle Attack on 8-Round AES
Fast Software Encryption
Fast Software Encryption
Hash Functions and RFID Tags: Mind the Gap
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Preimages for Reduced SHA-0 and SHA-1
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
New Impossible Differential Attacks on AES
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Preimage Attacks on 3, 4, and 5-Pass HAVAL
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Blockcipher-Based Hashing Revisited
Fast Software Encryption
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
Fast Software Encryption
Meet-in-the-Middle Preimage Attacks Against Reduced SHA-0 and SHA-1
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Distinguisher and Related-Key Attack on the Full AES-256
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Preimage Attacks on One-Block MD4, 63-Step MD5 and More
Selected Areas in Cryptography
Preimage Attacks on 3-Pass HAVAL and Step-Reduced MD5
Selected Areas in Cryptography
Selected Areas in Cryptography
Related-Key Cryptanalysis of the Full AES-192 and AES-256
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Rebound Distinguishers: Results on the Full Whirlpool Compression Function
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Preimages for Step-Reduced SHA-2
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Known-key distinguishers for some block ciphers
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Super-Sbox cryptanalysis: improved attacks for AES-like permutations
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Second preimages on n-bit hash functions for much less than 2n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Key recovery attacks of practical complexity on AES-256 variants with up to 10 rounds
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Biclique cryptanalysis of reduced-round piccolo block cipher
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Security analysis of the lightweight block ciphers XTEA, LED and piccolo
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
(Pseudo) preimage attack on round-reduced grøstl hash function and others
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Bicliques for permutations: collision and preimage attacks in stronger settings
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Preimage attacks on Feistel-SP functions: impact of omitting the last network twist
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
| Hi-index | 0.00 |
We study the security of AES in the open-key setting by showing an analysis on hash function modes instantiating AES including Davies-Meyer, Matyas-Meyer-Oseas, and Miyaguchi-Preneel modes. In particular, we propose preimage attacks on these constructions, while most of previous work focused their attention on collision attacks or distinguishers using non-ideal differential properties. This research is based on the motivation that we should evaluate classical and important security notions for hash functions and avoid complicated attack models that seem to have little relevance in practice. We apply a recently developed meet-in-the-middle preimage approach. As a result, we obtain a preimage attack on 7 rounds of Davies-Meyer AES and a second preimage attack on 7 rounds of Matyas-Meyer-Oseas and Miyaguchi-Preneel AES. Considering that the previous best collision attack only can work up to 6 rounds, the number of attacked rounds reaches the best in terms of the classical security notions. In our attacks, the key is regarded as a known constant, and the attacks thus can work for any key length in common.