Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/155545
Title: Automatic search of Meet-in-the-Middle preimage attacks on AES-like hashing
Authors: Bao, Zhenzhen
Dong, Xiaoyang
Guo, Jian
Li, Zheng
Shi, Danping
Sun, Siwei
Wang, Xiaoyun
Keywords: Science::Mathematics::Discrete mathematics::Cryptography
Issue Date: 2021
Source: Bao, Z., Dong, X., Guo, J., Li, Z., Shi, D., Sun, S. & Wang, X. (2021). Automatic search of Meet-in-the-Middle preimage attacks on AES-like hashing. Advances in Cryptology – EUROCRYPT 2021, LNCS 12696, 771-804. https://dx.doi.org/10.1007/978-3-030-77870-5_27
Project: 020509-00001
04INS000397C230
RG18/19
RG91/20
MOE2019-T2-1-060
Abstract: The Meet-in-the-Middle (MITM) preimage attack is highly effective in breaking the preimage resistance of many hash functions, including but not limited to the full MD5, HAVAL, and Tiger, and reduced SHA-0/1/2. It was also shown to be a threat to hash functions built on block ciphers like AES by Sasaki in 2011. Recently, such attacks on AES hashing modes evolved from merely using the freedom of choosing the internal state to also exploiting the freedom of choosing the message state. However, detecting such attacks especially those evolved variants is difficult. In previous works, the search space of the configurations of such attacks is limited, such that manual analysis is practical, which results in sub-optimal solutions. In this paper, we remove artificial limitations in previous works, formulate the essential ideas of the construction of the attack in well-defined ways, and translate the problem of searching for the best attacks into optimization problems under constraints in Mixed-Integer-Linear-Programming (MILP) models. The MILP models capture a large solution space of valid attacks; and the objectives of the MILP models are attack configurations with the minimized computational complexity. With such MILP models and using the off-the-shelf solver, it is efficient to search for the best attacks exhaustively. As a result, we obtain the first attacks against the full (5-round) and an extended (5.5-round) version of Haraka-512 v2, and 8-round AES-128 hashing modes, as well as improved attacks covering more rounds of Haraka-256 v2 and other members of AES and Rijndael hashing modes.
URI: https://hdl.handle.net/10356/155545
ISBN: 9783030778699
DOI: 10.1007/978-3-030-77870-5_27
Rights: © 2021 International Association for Cryptologic Research. All rights reserved. This paper was published by Springer in Proceedings of Advances in Cryptology – EUROCRYPT 2021 and is made available with permission of International Association for Cryptologic Research.
Fulltext Permission: open
Fulltext Availability: With Fulltext
Appears in Collections:SPMS Conference Papers

Files in This Item:
File Description SizeFormat 
Automatic Search of Meet-in-the-Middle Preimage Attacks on AES-like Hashing.pdf1.12 MBAdobe PDFView/Open

Page view(s)

73
Updated on Jul 1, 2022

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.