Difference between revisions of "SMASH"

From The ECRYPT Hash Function Website
(Second Preimage Attacks)
Line 33: Line 33:
 
   year      = {2007},
 
   year      = {2007},
 
   pages    = {101-111},
 
   pages    = {101-111},
   ee        = {http:/dx.doi.org/10.1007/11967668_7},
+
   url      = {http:/dx.doi.org/10.1007/11967668_7},
  
 
   abstract  = {This article presents a rare case of a deterministic second preimage attack on a cryptographic hash function. Using the notion of controllable output differences, we show how to construct second preimages for the SMASH hash functions. If the given preimage contains at least n+1 blocks, where n is the output length of the hash function in bits, then the attack is deterministic and requires only to solve a set of n linear equations. For shorter preimages, the attack is probabilistic.} }   
 
   abstract  = {This article presents a rare case of a deterministic second preimage attack on a cryptographic hash function. Using the notion of controllable output differences, we show how to construct second preimages for the SMASH hash functions. If the given preimage contains at least n+1 blocks, where n is the output length of the hash function in bits, then the attack is deterministic and requires only to solve a set of n linear equations. For shorter preimages, the attack is probabilistic.} }   

Revision as of 14:17, 10 March 2008

1 Spezification

2 Cryptanalysis

2.1 Best Known Results


2.2 Generic Attacks


2.3 Collision Attacks


2.4 Second Preimage Attacks

Mario Lamberger, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - Second Preimages for SMASH

CT-RSA pp. 101-111,2007
http:/dx.doi.org/10.1007/11967668_7
Bibtex
Author : Mario Lamberger, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : Second Preimages for SMASH
In : CT-RSA -
Address :
Date : 2007

2.5 Preimage Attacks


2.6 Others