Finding collisions for round-reduced SM3

Authors:
Florian Mendel;Tomislav Nad;Martin Schläffer
Affiliations:
Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria;Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria;Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Graz, Austria
Venue:
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Year:
2013

Citing 10
Cited 0

Some Observations on the Theory of Cryptographic Hash Functions

Designs, Codes and Cryptography
Finding SHA-1 characteristics: general results and applications

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Finding SHA-2 characteristics: searching through a minefield of contradictions

ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Cryptanalysis of round-reduced HAS-160

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Preimage attacks on step-reduced SM3 hash function

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Differential attacks on reduced RIPEMD-160

ISC'12 Proceedings of the 15th international conference on Information Security
Collision attacks on the reduced dual-stream hash function RIPEMD-128

FSE'12 Proceedings of the 19th international conference on Fast Software Encryption

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this work, we provide the first security analysis of reduced SM3 regarding its collision resistance. SM3 is a Chinese hash function standard published by the Chinese Commercial Cryptography Administration Office for the use of electronic authentication service systems and hence, might be used in several cryptographic applications in China. So far only few results have been published for the SM3 hash function. Since the design of SM3 is very similar to the MD4 family of hash functions and in particular to SHA-2, a revaluation of the security of SM3 regarding collision resistance is important taking into account recent advances in the cryptanalysis of SHA-2. In this paper, we extend the methods used in the recent collision attacks on SHA-2 and show how the techniques can be effectively applied to SM3. Our results are a collision attack on the hash function for 20 out of 64 steps and a free-start collision attack for 24 steps of SM3, both with practical complexity.