A Generalized Birthday Problem
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Differential Collisions in SHA-0
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Fast Software Encryption
Preimage Attacks on 3, 4, and 5-Pass HAVAL
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding Preimages in Full MD5 Faster Than Exhaustive Search
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Meet-in-the-Middle Preimage Attacks Against Reduced SHA-0 and SHA-1
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Preimage Attacks on One-Block MD4, 63-Step MD5 and More
Selected Areas in Cryptography
Preimages for Step-Reduced SHA-2
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Improved preimage attack for 68-step HAS-160
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
(Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Meet-in-the-middle attacks on reduced-round XTEA
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Improved meet-in-the-middle cryptanalysis of KTANTAN
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Second preimages on n-bit hash functions for much less than 2n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Bicliques for permutations: collision and preimage attacks in stronger settings
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
The Grøstl hash function is one of the 5 final round candidates of the SHA-3 competition hosted by NIST. In this paper, we study the preimage resistance of the Grøstl hash function. We propose pseudo preimage attacks on Grøstl hash function for both 256-bit and 512-bit versions, i.e., we need to choose the initial value in order to invert the hash function. Pseudo preimage attack on 5(out of 10)-round Grøstl-256 has a complexity of (2244.85,2230.13) (in time and memory) and pseudo preimage attack on 8(out of 14)-round Grøstl-512 has a complexity of (2507.32,2507.00). To the best of our knowledge, our attacks are the first (pseudo) preimage attacks on round-reduced Grøstl hash function, including its compression function and output transformation. These results are obtained by a variant of meet-in-the-middle preimage attack framework by Aoki and Sasaki. We also improve the time complexities of the preimage attacks against 5-round Whirlpool and 7-round AES hashes by Sasaki in FSE 2011.