Difference between revisions of "RIPEMD"
From The ECRYPT Hash Function Website
(→Spezification) |
|||
| Line 21: | Line 21: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| + | |||
| + | <bibtex> | ||
| + | @article{jocDobbertin97, | ||
| + | author = {Hans Dobbertin}, | ||
| + | title = {{RIPEMD with Two-Round Compress Function is Not Collision-Free}}, | ||
| + | journal = {J. Cryptology}, | ||
| + | volume = {10}, | ||
| + | number = {1}, | ||
| + | year = {1997}, | ||
| + | pages = {51-70}, | ||
| + | url = {http://dx.doi.org/10.1007/s001459900019}, | ||
| + | abstract = {In 1990 Rivest introduced the cryptographic hash function MD4. The compress function of MD4 has three rounds. After partial attacks against MD4 were found, the stronger mode RIPEMD was designed as a European proposal in 1992 (RACE project). Its compress function consists of two parallel lines of modified versions of MD4-compress. RIPEMD is currently being considered to become an international standard (ISO/IEC Draft 10118-3). However, in this paper an attack against RIPEMD is described, which leads to comparable results with the previously known attacks against MD4: The reduced versions of RIPEMD, where the first or the last round of the compress function is omitted, are not collision-free. Moreover, it turns out that the methods developed in this note can be applied to find collisions for the full MD4.}, | ||
| + | } | ||
| + | </bibtex> | ||
---- | ---- | ||
Revision as of 18:02, 10 March 2008
Contents
1 Specification
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
Hans Dobbertin - {RIPEMD with Two-Round Compress Function is Not Collision-Free}
- J. Cryptology 10(1):51-70,1997
- http://dx.doi.org/10.1007/s001459900019
BibtexAuthor : Hans Dobbertin
Title : {RIPEMD with Two-Round Compress Function is Not Collision-Free}
In : J. Cryptology -
Address :
Date : 1997
