Please use this identifier to cite or link to this item:
https://hdl.handle.net/10356/103817| Title: | Distinguishers on double-branch compression Function and applications to round-reduced RIPEMD-128 and RIPEMD-160 | Authors: | Sasaki, Yu Wang, Lei |
Keywords: | DRNTU::Engineering::Computer science and engineering | Issue Date: | 2014 | Source: | Sasaki, Y., & Wang, L. (2014). Distinguishers on Double-Branch Compression Function and Applications to Round-Reduced RIPEMD-128 and RIPEMD-160. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, E97-A (1), 177-190. | Series/Report no.: | IEICE transactions on fundamentals of electronics, communications and computer sciences | Abstract: | This paper presents differential-based distinguishers against double-branch compression functions and applies them to ISO standard hash functions RIPEMD-128 and RIPEMD-160. A double-branch compression function computes two branch functions to update a chaining variable and then merges their outputs. For such a compression function, we observe that second-order differential paths will be constructed by finding a sub-path in each branch independently. This leads to 4-sum attacks on 47 steps (out of 64 steps) of RIPEMD-128 and 40 steps (out of 80 steps) of RIPEMD-160. Then new properties called a (partial) 2-dimension sum and a q-multi-second-order collision are considered. The partial 2-dimension sum is generated on 48 steps of RIPEMD-128 and 42 steps of RIPEMD-160, with complexities of 235 and 236, respectively. Theoretically, the 2-dimension sum is generated faster than the brute force attack up to 52 steps of RIPEMD-128 and 51 steps of RIPEMD-160, with complexities of 2101 and 2158, respectively. The results on RIPEMD-128 can also be viewed as q-multi-second-order collision attacks. The practical attacks have been implemented and examples are presented. We stress that our results do not impact to the security of full RIPEMD-128 and RIPEMD-160 hash functions. | URI: | https://hdl.handle.net/10356/103817 http://hdl.handle.net/10220/19335 |
ISSN: | 0916-8508 | DOI: | 10.1587/transfun.E97.A.177 | Schools: | School of Computer Engineering | Rights: | © 2014 The Institute of Electronics, Information and Communication Engineers. This paper was published in IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences and is made available as an electronic reprint (preprint) with permission of The Institute of Electronics, Information and Communication Engineers. The paper can be found at the following official DOI: [http://dx.doi.org/10.1587/transfun.E97.A.177]. One print or electronic copy may be made for personal use only. Systematic or multiple reproduction, distribution to multiple locations via electronic or other means, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper is prohibited and is subject to penalties under law. | Fulltext Permission: | open | Fulltext Availability: | With Fulltext |
| Appears in Collections: | SCSE Journal Articles |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| Distinguishers on Double-Branch Compression Function and Applications to Round-Reduced RIPEMD-128 and RIPEMD-160.pdf | 700.26 kB | Adobe PDF |  View/Open |
Page view(s) 50
573
Updated on May 7, 2025
Download(s) 20
318
Updated on May 7, 2025
Google ScholarTM
Check
Altmetric
Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.