nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

Branching Heuristics in Differential Collision Search with Applications to SHA-512

verfasst von : Maria Eichlseder, Florian Mendel, Martin Schläffer

Erschienen in: Fast Software Encryption

Verlag: Springer Berlin Heidelberg

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In this work, we present practical semi-free-start collisions for SHA-512 on up to 38 (out of 80) steps with complexity \(2^{40.5}\). The best previously published result was on 24 steps. The attack is based on extending local collisions as proposed by Mendel et al. in their Eurocrypt 2013 attack on SHA-256. However, for SHA-512, the search space is too large for direct application of these techniques. We achieve our result by improving the branching heuristic of the guess-and-determine approach to find differential characteristics and conforming message pairs. Experiments show that for smaller problems like 27 steps of SHA-512, the heuristic can also speed up the collision search by a factor of \(2^{20}\).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Cryptanalysis of KLEIN

Nächstes Kapitel On the Minimum Number of Multiplications Necessary for Universal Hash Functions

Aoki, K., Guo, J., Matusiewicz, K., Sasaki, Y., Wang, L.: Preimages for step-reduced SHA-2. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 578–597. Springer, Heidelberg (2009) CrossRef

Bernstein, D.J., Lange, T.: eBASH: ECRYPT benchmarking of all submitted hashes, January 2011. http://bench.cr.yp.to/ebash.html

Buro, M., Kleine-Büning, H.: Report on a SAT competition. Bull. Eur. Assoc. Theor. Comput. Sci. 49, 143–151 (1993)MATH

Canteaut, A. (ed.): FSE 2012. LNCS, vol. 7549. Springer, Heidelberg (2012) MATH

Cramer, R. (ed.): EUROCRYPT 2005. LNCS, vol. 3494. Springer, Heidelberg (2005) MATH

Davis, M., Logemann, G., Loveland, D.W.: A machine program for theorem-proving. Commun. ACM 5(7), 394–397 (1962)CrossRefMATHMathSciNet

De Cannière, C., Rechberger, C.: Finding SHA-1 characteristics: general results and applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1–20. Springer, Heidelberg (2006) CrossRef

Eén, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia and Tacchella [11], pp. 502–518

Eichlseder, M., Mendel, F., Nad, T., Rijmen, V., Schläffer, M.: Linear propagation in efficient guess-and-determine attacks. In: Budaghyan, L., Helleseth, T., Parker, M. G. (eds.) WCC (2013). http://www.selmer.uib.no/WCC2013/

10.

Freeman, J.W.: Improvements to propositional satisfiability search algorithms. Ph.D. thesis, Departement of computer and Information science, University of Pennsylvania, Philadelphia (1995)

11.

Giunchiglia, E., Tacchella, A. (eds.): SAT 2003. LNCS, vol. 2919. Springer, Heidelberg (2004) MATH

12.

Goldberg, E.I., Novikov, Y.: BerkMin: a fast and robust SAT-solver. In: DATE, pp. 142–149. IEEE Computer Society (2002)

13.

Herbstritt, M., Becker, B.: Conflict-based selection of branching rules. In: Giunchiglia and Tacchella [11], pp. 441–451

14.

Heule, M., van Maaren, H.: March_dl: adding adaptive heuristics and a new branching strategy. JSAT 2(1–4), 47–59 (2006)MATH

15.

Heule, M., van Maaren, H.: Look-ahead based SAT solvers. In: Biere, A., van Heule, M., Maaren, H., Walsh, T. (eds.) Handbook of Satisfiability. Frontiers in Artificial Intelligence and Applications, vol. 185, pp. 155–184. IOS Press, Amsterdam (2009)

16.

Indesteege, S., Mendel, F., Preneel, B., Rechberger, C.: Collisions and other non-random properties for step-reduced SHA-256. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 276–293. Springer, Heidelberg (2009) CrossRef

17.

Jeroslow, R.G., Wang, J.: Solving propositional satisfiability problems. Ann. Math. Artif. Intell. 1, 167–187 (1990)CrossRefMATH

18.

Johansson, T., Nguyen, P.Q. (eds.): EUROCRYPT 2013. LNCS, vol. 7881. Springer, Heidelberg (2013) MATH

19.

Khovratovich, D., Rechberger, C., Savelieva, A.: Bicliques for preimages: attacks on Skein-512 and the SHA-2 family. In: Canteaut [4], pp. 244–263

20.

Landelle, F., Peyrin, T.: Cryptanalysis of full RIPEMD-128. In: Johansson and Nguyen [18], pp. 228–244

21.

Leurent, G.: Analysis of differential attacks in ARX constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 226–243. Springer, Heidelberg (2012) CrossRef

22.

Leurent, G.: Construction of differential characteristics in ARX designs application to skein. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 241–258. Springer, Heidelberg (2013) CrossRef

23.

Li, C.M., Anbulagan: Heuristics based on unit propagation for satisfiability problems. In: IJCAI, vol. 1, pp. 366–371. Morgan Kaufmann, San Francisco (1997)

24.

Li, J., Isobe, T., Shibutani, K.: Converting meet-in-the-middle preimage attack into pseudo collision attack: application to SHA-2. In: Canteaut [4], pp. 264–286

25.

Liberatore, P.: On the complexity of choosing the branching literal in DPLL. Artif. Intell. 116(1–2), 315–326 (2000)CrossRefMATHMathSciNet

26.

Mendel, F., Nad, T., Scherz, S., Schläffer, M.: Differential attacks on reduced Ripemd-160. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 23–38. Springer, Heidelberg (2012) CrossRef

27.

Mendel, F., Nad, T., Schläffer, M.: Finding SHA-2 characteristics: searching through a minefield of contradictions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 288–307. Springer, Heidelberg (2011) CrossRef

28.

Mendel, F., Nad, T., Schläffer, M.: Finding collisions for round-reduced SM3. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 174–188. Springer, Heidelberg (2013) CrossRef

29.

Mendel, F., Nad, T., Schläffer, M.: Improving local collisions: new attacks on reduced SHA-256. In: Johansson and Nguyen [18], pp. 262–278

30.

Moskewicz, M.W., Madigan, C.F., Zhao, Y., Zhang, L., Malik, S.: Chaff: engineering an efficient SAT solver. In: DAC, pp. 530–535. ACM (2001)

31.

National Institute of Standards and Technology. FIPS PUB 180–3: Secure Hash Standard. Federal Information Processing Standards Publication 180–3, U.S. Department of Commerce, October 2008. http://www.itl.nist.gov/fipspubs

32.

National Institute of Standards and Technology. FIPS PUB 180–4: Secure Hash Standard. Federal Information Processing Standards Publication 180–4, U.S. Department of Commerce, March 2012. http://www.itl.nist.gov/fipspubs

33.

National Institute of Standards and Technology. SHA-3 Selection Announcement, October 2012. http://csrc.nist.gov/groups/ST/hash/sha-3/sha-3_selection_announcement.pdf

34.

Nikolić, I., Biryukov, A.: Collisions for step-reduced SHA-256. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 1–15. Springer, Heidelberg (2008) CrossRef

35.

Ouyang, M.: How good are branching rules in DPLL? Discrete Appl. Math. 89(1–3), 281–286 (1998)CrossRefMATHMathSciNet

36.

Sanadhya, S.K., Sarkar, P.: New collision attacks against up to 24-step SHA-2. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 91–103. Springer, Heidelberg (2008) CrossRef

37.

Schläffer, M., Oswald, E.: Searching for differential paths in MD4. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 242–261. Springer, Heidelberg (2006) CrossRef

38.

Shay Gueron, J.W., Johnson, S.: SHA-512/256. Cryptology ePrint Archive, Report 2010/548 (2010). http://eprint.iacr.org/

39.

Marques-Silva, J.: The impact of branching heuristics in propositional satisfiability algorithms. In: Barahona, P., Alferes, J.J. (eds.) EPIA 1999. LNCS (LNAI), vol. 1695, pp. 62–74. Springer, Heidelberg (1999) CrossRef

40.

Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the hash functions MD4 and RIPEMD. In: Cramer [5], pp. 1–18

41.

Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005) CrossRef

42.

Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer [5], pp. 19–35

Titel: Branching Heuristics in Differential Collision Search with Applications to SHA-512
verfasst von: Maria Eichlseder
Florian Mendel
Martin Schläffer
Verlag: Springer Berlin Heidelberg
Buch: Fast Software Encryption
Print ISBN: 978-3-662-46705-3

Electronic ISBN: 978-3-662-46706-0

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-662-46706-0_24

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"