TY - GEN
T1 - Second preimage attack on 3-pass HAVAL and partial key-recovery attacks on HMAC/NMAC-3-pass HAVAL
AU - Lee, Eunjin
AU - Chang, Donghoon
AU - Kim, Jongsung
AU - Sung, Jaechul
AU - Hong, Seokhie
PY - 2008
Y1 - 2008
N2 - In 1992, Zheng, Pieprzyk and Seberry proposed a one-way hashing algorithm called HAVAL, which compresses a message of arbitrary length into a digest of 128, 160, 192, 224 or 256 bits. It operates in so-called passes where each pass contains 32 steps. The number of passes can be chosen equal to 3, 4 or 5. In this paper, we devise a new differential path of 3-pass HAVAL with probability 2^-114, which allows us to design a second preimage attack on 3-pass HAVAL and partial key recovery attacks on HMAC/NMAC-3-pass HAVAL. Our partial key-recovery attack works with 2^122 oracle queries, 5·2^32 memory bytes and 2^96 3-pass HAVAL computations.
AB - In 1992, Zheng, Pieprzyk and Seberry proposed a one-way hashing algorithm called HAVAL, which compresses a message of arbitrary length into a digest of 128, 160, 192, 224 or 256 bits. It operates in so-called passes where each pass contains 32 steps. The number of passes can be chosen equal to 3, 4 or 5. In this paper, we devise a new differential path of 3-pass HAVAL with probability 2^-114, which allows us to design a second preimage attack on 3-pass HAVAL and partial key recovery attacks on HMAC/NMAC-3-pass HAVAL. Our partial key-recovery attack works with 2^122 oracle queries, 5·2^32 memory bytes and 2^96 3-pass HAVAL computations.
KW - HAVAL
KW - HMAC
KW - Key recovery attack
KW - NMAC
KW - Second preimage attack
UR - http://www.scopus.com/inward/record.url?scp=50249137694&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-71039-4_12
DO - 10.1007/978-3-540-71039-4_12
M3 - Conference contribution
AN - SCOPUS:50249137694
SN - 3540710388
SN - 9783540710387
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 189
EP - 206
BT - Fast Software Encryption - 15th International Workshop, FSE 2008, Revised Selected Papers
T2 - 15th International Workshop on Fast Software Encryption, FSE 2008
Y2 - 10 February 2008 through 13 February 2008
ER -