Abstract
T-functions are a useful new tool to design symmetric-key algorithms, introduced by Klimov and Shamir in 2002. They have already been used to build stream ciphers, and new applications for block ciphers and hash functions have recently been suggested.
In this paper, we analyze the security of several possible constructions of hash functions, based on T-functions. We show that most natural ideas are insecure. As an application, we describe a practical preimage attack against the dedicated hash function used in the MySQL password-based authentication mechanisms.
References
Arce, I., Azubel, A., Kargieman, E., Richarte, G., Sarraute, C., Waissbein, A.: An attack on the MySQL authentication protocol. Technical report from Core Security Technologies (2002)
Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård Revisited: How to Construct a Hash Function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)
Hong, J., Lee, D., Yeom, Y., Han, D.: A New Class of Single Cycle T-Functions. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 68–82. Springer, Heidelberg (2005)
Joux, A.: Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)
Kelsey, J., Schneier, B.: Second Preimages on n-Bit Hash Functions for Much Less than 2^n Work. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)
Klimov, A.: Applications of T-functions in Cryptography. PhD thesis, Weizmann Institute of Science (2004), http://www.wisdom.weizmann.ac.il/ask/
Klimov, A., Shamir, A.: A New Class of Invertible Mappings. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 470–483. Springer, Heidelberg (2003)
Klimov, A., Shamir, A.: Cryptographic Applications of T-functions. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 248–261. Springer, Heidelberg (2004)
Klimov, A., Shamir, A.: New Applications of T-Functions in Block Ciphers and Hash Functions. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 18–31. Springer, Heidelberg (2005)
Knudsen, L.: SMASH - A Cryptographic Hash Function. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 228–242. Springer, Heidelberg (2005)
Künzli, S., Junod, P., Meier, W.: Distinguishing Attacks on T-Functions. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 2–15. Springer, Heidelberg (2005)
Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Mitra, J., Sarkar, P.: Time-Memory Trade-Off Attacks on Multiplications and T-functions. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 468–482. Springer, Heidelberg (2004)
Muller, F., Peyrin, T.: Linear Cryptanalysis of the TSC Family of Stream Ciphers. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 373–394. Springer, Heidelberg (2005)
MySQL Downloads, See: http://dev.mysql.com/downloads
MySQL Website, See: http://www.mysql.com
National Institute of Standards and Technology (NIST). Secure Hash Standard FIPS Publication 180-1 (April 1995), Available at: http://www.itl.nist.gov/fipspubs/fip180-1.htm
Patarin, J., Camion, P.: Design of Near-Optimal Pseudorandom Functions and Pseudorandom Permutations in the Information-Theoretic Model. Cryptology ePrint Archive, Report 2005/135 (2005), http://eprint.iacr.org/
Peyrin, T., Gilbert, H., Muller, F., Robshaw, M.: Combining Compression Functions and Block Cipher-Based Hash. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 315–331. Springer, Heidelberg (2006)
Pramstaller, N., Rechberger, C., Rijmen, V.: Breaking a New Hash Function Design Strategy Called SMASH. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 233–244. Springer, Heidelberg (2006)
Preneel, B.: Analysis and design of cryptographic hash functions. PhD thesis, Katholieke Universiteit Leuven (1993)
Wang, X., Yin, Y., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)
Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Muller, F., Peyrin, T. (2006). Cryptanalysis of T-Function-Based Hash Functions. In: Rhee, M.S., Lee, B. (eds) Information Security and Cryptology – ICISC 2006. ICISC 2006. Lecture Notes in Computer Science, vol 4296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11927587_23
DOI: https://doi.org/10.1007/11927587_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49112-5
Online ISBN: 978-3-540-49114-9
eBook Packages: Computer Science, Computer Science (R0)