2015 | OriginalPaper | Chapter
Collision Attack on 5 Rounds of Grøstl
Authors : Florian Mendel, Vincent Rijmen, Martin Schläffer
Published in: Fast Software Encryption
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
Abstract
Grøstl
hash function. This significantly improves upon the best previously published results on 3 rounds. By using a new type of differential trail spanning over more than one message block we are able to construct collisions for Grøstl
-256 on 4 and 5 rounds with complexity of \(2^{67}\) and \(2^{120}\), respectively. Both attacks need \(2^{64}\) memory. Due to the generic nature of our attack we can even construct meaningful collisions in the chosen-prefix setting with the same attack complexity.