2015 | Original Paper | Book chapter
Cryptanalysis of Reduced-Round Whirlwind
Authors: Bingke Ma, Bao Li, Ronglin Hao, Xiaoqian Li
Published in: Information Security and Privacy
The Whirlwind hash function, which outputs a 512-bit digest, was designed by Barreto et al. and published in Designs, Codes and Cryptography in 2010. In this paper, we provide a thorough cryptanalysis of Whirlwind. First, we focus on security properties at the hash function level by presenting (second) preimage, collision and distinguishing attacks on reduced-round Whirlwind. In order to launch the preimage attack, we slightly tweak the original Meet-in-the-Middle preimage attack framework on AES-like compression functions by partially fixing the values of the state. Based on this slightly tweaked framework, we are also able to construct several new and interesting preimage attacks on reduced-round Whirlpool and AES hashing modes. Second, we investigate security properties of the reduced-round components of Whirlwind, including semi-free-start and free-start (near-)collision attacks on the compression function, and a limited-birthday distinguisher on the inner permutation. As far as we know, our results are currently the best cryptanalysis of Whirlwind.