Differential Collisions in SHA-0
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Efficient Algorithms for Computing Differential Properties of Addition
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A New Class of Invertible Mappings
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
Fast Software Encryption
Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
MD5 Is Weaker Than Weak: Attacks on Concatenated Combiners
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Improved Cryptanalysis of Skein
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding Collisions for a 45-Step Simplified HAS-V
Information Security Applications
Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
The delicate issues of addition with respect to XOR differences
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
The differential analysis of S-functions
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Classification and generation of disturbance vectors for collision attacks against SHA-1
Designs, Codes and Cryptography
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Practical near-collisions on the compression function of BMW
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Finding SHA-1 characteristics: general results and applications
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Searching for differential paths in MD4
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Improved related-key boomerang attacks on round-reduced threefish-512
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Second-Order differential collisions for reduced SHA-256
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Finding SHA-2 characteristics: searching through a minefield of contradictions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Boomerang distinguishers on MD4-Family: first practical results on full 5-pass HAVAL
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Boomerang attacks on hash function using auxiliary differentials
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
The Return of the Cryptographic Boomerang
IEEE Transactions on Information Theory
Hi-index | 0.00 |
In this paper, we study differential attacks against ARX schemes. We build upon the generalized characteristics of de Cannière and Rechberger; we introduce new multi-bit constraints to describe differential characteristics in ARX designs more accurately, and quartet constraints to analyze boomerang attacks. We also describe how to propagate those constraints; this can be used either to assist manual construction of a differential characteristic, or to extract more information from an already built characteristic. We show that our new constraints are more precise than what was used in previous works, and can detect more cases of incompatibility. In particular, we show that several published attacks are in fact fact invalid because the differential characteristics cannot be satisfied. This highlights the importance of verifying differential attacks more thoroughly.