×

Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks. (English) Zbl 1292.94134

Wang, Xiaoyun (ed.) et al., Advances in cryptology – ASIACRYPT 2012. 18th international conference on the theory and application of cryptology and information security, Beijing, China, December 2–6, 2012. Proceedings. Berlin: Springer (ISBN 978-3-642-34960-7/pbk). Lecture Notes in Computer Science 7658, 562-579 (2012).
Summary: In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with \(2^{481}\) computations while the previous best attack is for 5 rounds with \(2^{481.5}\) computations. Regarding the collision attack, 8 rounds of the compression function are attacked with \(2^{120}\) computations, while the previous best attack is for 7 rounds with \(2^{184}\) computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported.
For the entire collection see [Zbl 1258.94006].

MSC:

94A60 Cryptography
PDFBibTeX XMLCite
Full Text: DOI