TY - GEN
T1 - Preimage attack on the parallel FFT-hashing function
AU - Donghoon, Chang
AU - Moti, Yung
AU - Jaechul, Sung
AU - Seokhie, Hong
AU - Sangjin, Lee
PY - 2007
Y1 - 2007
N2 - The parallel FFT-Hashing function was designed by C. P. Schnorr and S. Vaudenay in 1993. The function is a simple and light weight hash algorithm with 128-bit digest. Its basic component is a multi-permutation which helps in proving its resistance to collision attacks. In this work we show a preimage attack on the parallel FFT-Hashing function using 2t+64 + 2 128-t time complexity and 2t memory, which is less than the generic complexity 2128. Specifically, when t = 32, we can find a preimage using 297 time and 232 memory. Our method can be described as "disseminative-meet-in-the-middle-attack". we actually use the properties of multi-permutation (helpful against collision attack) to our advantage in the attack. Overall, this type of attack (beating the generic one) demonstrates that the structure of the parallel FFT-Hashing function has some weaknesses when preimage attack is considered (and relevant). To the best of our knowledge, this is the first attack on the parallel FFT-Hashing function.
AB - The parallel FFT-Hashing function was designed by C. P. Schnorr and S. Vaudenay in 1993. The function is a simple and light weight hash algorithm with 128-bit digest. Its basic component is a multi-permutation which helps in proving its resistance to collision attacks. In this work we show a preimage attack on the parallel FFT-Hashing function using 2t+64 + 2 128-t time complexity and 2t memory, which is less than the generic complexity 2128. Specifically, when t = 32, we can find a preimage using 297 time and 232 memory. Our method can be described as "disseminative-meet-in-the-middle-attack". we actually use the properties of multi-permutation (helpful against collision attack) to our advantage in the attack. Overall, this type of attack (beating the generic one) demonstrates that the structure of the parallel FFT-Hashing function has some weaknesses when preimage attack is considered (and relevant). To the best of our knowledge, this is the first attack on the parallel FFT-Hashing function.
KW - Cryptographic hash function
KW - Preimage attack
KW - The parallel FFT-hashing function
UR - http://www.scopus.com/inward/record.url?scp=38149101695&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:38149101695
SN - 3540734570
SN - 9783540734574
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 59
EP - 67
BT - Information Security and Privacy - 12th Australasian Conference, ACISP 2007, Proceedings
T2 - 12th Australasian Conference on Information Security and Privacy, ACISP2007
Y2 - 2 July 2007 through 4 July 2007
ER -