Skip to main content

Cryptanalysis of T-Function-Based Hash Functions

Applications to MySQL Password Algorithms

  • Conference paper
Information Security and Cryptology – ICISC 2006 (ICISC 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4296))

Included in the following conference series:

  • 928 Accesses

Abstract

T-functions are a useful new tool to design symmetric-key algorithms, introduced by Klimov and Shamir in 2002. They have already been used to build stream ciphers and new applications for block ciphers and hash functions have been recently suggested.

In this paper, we analyze the security of several possible constructions of hash functions, based on T-functions. We show that most natural ideas are insecure. As an application, we describe a practical preimage attack against the dedicated hash function used in the MySQL password-based authentication mechanisms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Arce, I., Azubel, A., Kargieman, E., Richarte, G., Sarraute, C., Waissbein, A.: An attack on the MySQL authentication protocol. Technical report from Core Security Technologies (2002)

    Google Scholar 

  2. Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård Revisited: How to Construct a Hash Function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)

    Google Scholar 

  3. Hong, J., Lee, D., Yeom, Y., Han, D.: A New Class of Single Cycle T-Functions. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 68–82. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. Joux, A.: Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

    Google Scholar 

  5. Kelsey, J., Schneier, B.: Second Preimages on n-Bit Hash Functions for Much Less than 2n Work. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Klimov, A.: Applications of T-functions in Cryptography. PhD thesis, Weizmann Institute of Science (2004), http://www.wisdom.weizmann.ac.il/ask/

  7. Klimov, A., Shamir, A.: A New Class of Invertible Mappings. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 470–483. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Klimov, A., Shamir, A.: Cryptographic Applications of T-functions. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 248–261. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Klimov, A., Shamir, A.: New Applications of T-Functions in Block Ciphers and Hash Functions. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 18–31. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  10. Knudsen, L.: SMASH - A Cryptographic Hash Function. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 228–242. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Künzli, S., Junod, P., Meier, W.: Distinguishing Attacks on T-Functions. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 2–15. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  13. Mitra, J., Sarkar, P.: Time-Memory Trade-Off Attacks on Multiplications and T-functions. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 468–482. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  14. Muller, F., Peyrin, T.: Linear Cryptanalysis of the TSC Family of Stream Ciphers. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 373–394. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  15. MySQL Downloads, See: http://dev.mysql.com/downloads

  16. MySQL Website, See: http://www.mysql.com

  17. National Institute of Standards and Technology (NIST). Secure Hash Standard FIPS Publication 180-1 (April 1995), Available at: http://www.itl.nist.gov/fipspubs/fip180-1.htm

  18. Patarin, J., Camion, P.: Design of Near-Optimal Pseudorandom Functions and Pseudorandom Permutations in the Information-Theoretic Model. Cryptology ePrint Archive, Report 2005/135 (2005), http://eprint.iacr.org/

  19. Peyrin, T., Gilbert, H., Muller, F., Robshaw, M.: Combining Compression Functions and Block Cipher-Based Hash. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 315–331. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  20. Pramstaller, N., Rechberger, C., Rijmen, V.: Breaking a New Hash Function Design Strategy Called SMASH. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 233–244. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  21. Preneel, B.: Analysis and design of cryptographic hash functions. PhD thesis, Katholieke Universiteit Leuven (1993)

    Google Scholar 

  22. Wang, X., Yin, Y., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)

    Google Scholar 

  23. Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Muller, F., Peyrin, T. (2006). Cryptanalysis of T-Function-Based Hash Functions. In: Rhee, M.S., Lee, B. (eds) Information Security and Cryptology – ICISC 2006. ICISC 2006. Lecture Notes in Computer Science, vol 4296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11927587_23

Download citation

  • DOI: https://doi.org/10.1007/11927587_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-49112-5

  • Online ISBN: 978-3-540-49114-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics