1. College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, Fujian, China
2. Key Laboratory of Information Security of Network Systems, Fuzhou University, Fuzhou 350108, Fujian, China
3. Henan Engineering Laboratory for Big Data Statistical Analysis and Optimal Control, Henan Normal University, Xinxiang 453007, Henan, China
Zou Jian (born 1985), male, from Fuzhou, Fujian; Ph.D.; lecturer at Fuzhou University; main research interests: cryptanalysis of hash functions and block ciphers.
Dong Le (born 1980), male, from Xinxiang, Henan; Ph.D.; associate professor at Henan Normal University; main research interests: cryptanalysis of hash functions and block ciphers.
Online publication date: 2018-01
Print publication date: 2018-01-25
Jian ZOU, Le DONG. Improved preimage and pseudo-collision attacks on SM3 hash function [J]. Journal on Communications, 2018, 39(1): 46-55. DOI: 10.11959/j.issn.1000-436x.2018011.
A preimage attack on 32-step SM3 and a pseudo-collision attack on 33-step SM3 are presented. The 32-step preimage attack is based on the differential meet-in-the-middle technique combined with the biclique technique, and improves on the previously best known preimage attack on SM3, which reached only 30 steps. By extending the differential characteristic of the 32-step preimage attack, pseudo-preimage and pseudo-collision attacks on 33-step SM3 are obtained with the same techniques. The preimage attack on 32-step SM3 has a time complexity of 2^254.5 and a memory complexity of 2^5; the pseudo-collision attack on 33-step SM3 has a time complexity of 2^126.7 and a memory complexity of 2^3.