2007 | OriginalPaper | Chapter
Cryptanalysis of FORK-256
Authors : Krystian Matusiewicz, Thomas Peyrin, Olivier Billet, Scott Contini, Josef Pieprzyk
Published in: Fast Software Encryption
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong
et al.
at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with complexity of 2
125
(resp. 2
120
) and with negligible memory, and by exhibiting a 22-bit near pseudo-collision. We also show that we can find collisions for the full compression function with a small amount of memory with complexity not exceeding 2
126.6
hash evaluations. We further show how to reduce this complexity to 2
109.6
hash computations by using 2
73
memory words. Finally, we show that this attack can be extended with no additional cost to find collisions for the full hash function, i.e. with the predefined IV.