SpringerLink
Log in

Preimage Attacks on Reduced-Round Stribog

  • Conference paper
Progress in Cryptology – AFRICACRYPT 2014 (AFRICACRYPT 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8469))

Included in the following conference series:

Abstract

In August 2012, the Stribog hash function was selected as the new Russian cryptographic hash standard (GOST R 34.11-2012). Stribog employs twelve rounds of an AES-based compression function operating in Miyaguchi-Preneel mode. In this paper, we investigate the preimage resistance of the Stribog hash function. In particular, we apply a meet in the middle preimage attack on the compression function which allows us to obtain a 5-round pseudo preimage for a given compression function output with time complexity of 2448 and memory complexity of 264. Additionally, we adopt a guess and determine approach to obtain a 6-round chunk separation that balances the available degrees of freedom and the guess size. The proposed chunk separation allows us to attack 6 out of 12 rounds with time and memory complexities of 2496 and 2112, respectively. Finally, by employing a multicollision attack, we show that preimages of the 5 and 6-round reduced hash function can be generated with time complexity of 2481 and 2505, respectively. The two preimage attacks have equal memory complexity of 2256.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. The National Hash Standard of the Russian Federation GOST R 34.11-2012. Russian Federal Agency on Technical Regulation and Metrology report (2012), https://www.tc26.ru/en/GOSTR34112012/GOST_R_34_112012_eng.pdf

  2. AlTawy, R., Kircanski, A., Youssef, A.M.: Rebound attacks on Stribog. In: ICISC (2013), http://eprint.iacr.org/2013/539.pdf

  3. AlTawy, R., Youssef, A.M.: Integral distinguishers for reduced-round stribog. Cryptology ePrint Archive, Report 2013/648 (2013), http://eprint.iacr.org/2013/648.pdf

  4. Aoki, K., Guo, J., Matusiewicz, K., Sasaki, Y., Wang, L.: Preimages for step-reduced SHA-2. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 578–597. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  5. Aoki, K., Sasaki, Y.: Meet-in-the-middle preimage attacks against reduced SHA-0 and SHA-1. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 70–89. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Aoki, K., Sasaki, Y.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 103–119. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: Grøstl a SHA-3 candidate. NIST Submission (2008)

    Google Scholar 

  8. Guo, J., Ling, S., Rechberger, C., Wang, H.: Advanced meet-in-the-middle preimage attacks: First results on full Tiger, and improved results on MD4 and SHA-2. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 56–75. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  9. Hong, D., Koo, B., Sasaki, Y.: Improved preimage attack for 68-step HAS-160. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 332–348. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  10. Joux, A.: Multicollisions in iterated hash functions. application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  11. Kazymyrov, O., Kazymyrova, V.: Algebraic aspects of the russian hash standard GOST R 34.11-2012. In: CTCrypt, pp. 160–176 (2013), http://eprint.iacr.org/2013/556

  12. Lai, X., Massey, J.L.: Hash function based on block ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 55–70. Springer, Heidelberg (1993)

    Chapter  Google Scholar 

  13. Matyukhin, D., Rudskoy, V., Shishkin, V.: A perspective hashing algorithm. In: RusCrypto (2010) (in Russian)

    Google Scholar 

  14. Matyukhin, D., Shishkin, V.: Some methods of hash functions analysis with application to the GOST P 34.11-94 algorithm. Mat. Vopr. Kriptogr 3, 71–89 (2012) (in Russian)

    Google Scholar 

  15. Mendel, F., Pramstaller, N., Rechberger, C.: A (second) preimage attack on the GOST hash function. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 224–234. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Mendel, F., Pramstaller, N., Rechberger, C., Kontak, M., Szmidt, J.: Cryptanalysis of the GOST hash function. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 162–178. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  17. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC press (2010)

    Google Scholar 

  18. NIST. Announcing request for candidate algorithm nominations for a new cryptographic hash algorithm (SHA-3) family. In: Federal Register, vol. 72(212) (November 2007), http://csrc.nist.gov/groups/ST/hash/documents/FR_Notice_Nov07.pdf

  19. Rijmen, V., Barreto, P.S.L.M.: The Whirlpool hashing function. NISSIE Submission (2000)

    Google Scholar 

  20. Sasaki, Y.: Meet-in-the-middle preimage attacks on AES hashing modes and an application to Whirlpool. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 378–396. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  21. Sasaki, Y., Wang, L., Wu, S., Wu, W.: Investigating fundamental security requirements on Whirlpool: Improved preimage and collision attacks. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 562–579. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  22. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  23. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  24. Wu, S., Feng, D., Wu, W., Guo, J., Dong, L., Zou, J.: (Pseudo) preimage attack on round-reduced Grøstl hash function and others. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 127–145. Springer, Heidelberg (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Concordia Institute for Information Systems Engineering, Concordia University, Montréal, Québec, Canada

    Riham AlTawy & Amr M. Youssef

Authors
  1. Riham AlTawy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amr M. Youssef
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, Ecole Normale Supérieure, 45, rue d’Ulm, 75005, Paris, France

    David Pointcheval  & Damien Vergnaud  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

AlTawy, R., Youssef, A.M. (2014). Preimage Attacks on Reduced-Round Stribog. In: Pointcheval, D., Vergnaud, D. (eds) Progress in Cryptology – AFRICACRYPT 2014. AFRICACRYPT 2014. Lecture Notes in Computer Science, vol 8469. Springer, Cham. https://doi.org/10.1007/978-3-319-06734-6_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-06734-6_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06733-9

  • Online ISBN: 978-3-319-06734-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation