International Association for Cryptologic Research

CryptoDB

Hongbo Yu

Publications

Year, Venue: Title

2021, TOSC: Improved Preimage Attacks on 4-Round Keccak-224/256
Authors: Le He, Xiaoen Lin, Hongbo Yu
This paper provides an improved preimage attack method on standard 4-round Keccak-224/256. The method is based on the work pioneered by Li and Sun, who design a linear structure of 2-round Keccak-224/256 with 194 degrees of freedom left. By partially linearizing 17 output bits through the last 2 rounds, they finally reach a complexity of 2^{207}/2^{239} for searching a 4-round preimage. Yet under their strategy, those 17 bits are regarded as independent bits and the linearization costs a great amount of freedom. Inspired by their thoughts, we improve the partial linearization method so that multiple output bits can reuse some common degrees of freedom. As a result, the complexity of the preimage attack on 4-round Keccak-224/256 can be decreased to 2^{192}/2^{218}, which are both the best known theoretical preimage cryptanalysis so far. To support the theoretical analysis, we apply our strategy to a 64-bit partial preimage attack within practical complexity. It is remarkable that this partial linearization method can be directly applied if a better linear structure with more freedom left is proposed.

2015, EPRINT

2013, FSE

2010, EPRINT: Cryptanalysis of the Compression Function of SIMD
Authors: Hongbo Yu, Xiaoyun Wang
SIMD is one of the second round candidates of the SHA-3 competition hosted by NIST. In this paper, we present some results on the compression function of SIMD 1.1 (the tweaked version) using the modular difference method. For SIMD-256, we give a free-start near collision attack on the compression function reduced to 20 steps with complexity $2^{-107}$. And for SIMD-512, we give a free-start near collision attack on the 24-step compression function with complexity $2^{208}$. Furthermore, we give a distinguisher attack on the full compression function of SIMD-512 with complexity $2^{398}$. Our attacks are also applicable to the final compression function of SIMD.

2009, EUROCRYPT

2007, EPRINT: MultiCollision Attack on the Compression Functions of MD4 and 3-Pass HAVAL
Authors: Hongbo Yu, Xiaoyun Wang
In this paper, we present a new type of MultiCollision attack on the compression functions of both MD4 and 3-Pass HAVAL. For MD4, we utilize two feasible different collision differential paths to find a 4-collision with 2^{19} MD4 computations. For 3-Pass HAVAL, we present three near-collision differential paths to find an 8-NearCollision with 2^{9} HAVAL computations.

2006, FSE

2005, CRYPTO

2005, CRYPTO

2005, EUROCRYPT

2004, EPRINT

Program Committees

FSE 2014
Asiacrypt 2011