Second preimage attack on 3-pass HAVAL and partial key-recovery attacks on HMAC/NMAC-3-pass HAVAL

Eunjin Lee, Donghoon Chang, Jongsung Kim, Jaechul Sung, Seokhie Hong

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

14 Scopus citations

Abstract

In 1992, Zheng, Pieprzyk and Seberry proposed a one-way hashing algorithm called HAVAL, which compresses a message of arbitrary length into a digest of 128, 160, 192, 224 or 256 bits. It operates in so called passes where each pass contains 32 steps. The number of passes can be chosen equal to 3, 4 or 5. In this paper, we devise a new differential path of 3-pass HAVAL with probability 2-∈114, which allows us to design a second preimage attack on 3-pass HAVAL and partial key recovery attacks on HMAC/NMAC-3-pass HAVAL. Our partial key-recovery attack works with 2122 oracle queries, 5•232 memory bytes and 296 3-pass HAVAL computations.

Original languageEnglish
Title of host publicationFast Software Encryption - 15th International Workshop, FSE 2008, Revised Selected Papers
Pages189-206
Number of pages18
DOIs
StatePublished - 2008
Event15th International Workshop on Fast Software Encryption, FSE 2008 - Lausanne, Switzerland
Duration: 10 Feb 200813 Feb 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5086 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference15th International Workshop on Fast Software Encryption, FSE 2008
Country/TerritorySwitzerland
CityLausanne
Period10/02/0813/02/08

Keywords

  • HAVAL
  • HMAC
  • Key recovery attack
  • NMAC
  • Second preimage attack

Fingerprint

Dive into the research topics of 'Second preimage attack on 3-pass HAVAL and partial key-recovery attacks on HMAC/NMAC-3-pass HAVAL'. Together they form a unique fingerprint.

Cite this