International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Preimage Attacks on CellHash, SubHash and Strengthened Versions of CellHash and SubHash

Authors:
Donghoon Chang
Download:
URL: http://eprint.iacr.org/2006/412
Search ePrint
Search Google
Abstract: CellHash \cite{DaGoVa91} and SubHash \cite{DaGoVa92} were suggested by J. Daemen, R. Govaerts and J. Vandewalle in 1991 and 1992. SubHash is an improved version from CellHash. They have 257-bit internal state and 256-bit hash output. In this paper, we show a preimage attack on CellHash (SubHash) with the complexity $2^{129+t}$ and the memory $2^{128-t}$ for any $t$ (with the complexity about $2^{242}$ and the memory size $2^{17}$). Even though we modify them in a famous way, we show that we can find a preimage on the modified CellHash (the modified SubHash) with the complexity $2^{200}$ and the memory size $2^{59}$ (with the complexity about $2^{242}$ and the memory size $2^{17}$).
BibTeX
@misc{eprint-2006-21903,
  title={Preimage Attacks on CellHash, SubHash and Strengthened Versions of CellHash and SubHash},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / Hash Function, Preimage Attack},
  url={http://eprint.iacr.org/2006/412},
  note={ pointchang@gmail.com 13485 received 7 Nov 2006, last revised 3 Dec 2006},
  author={Donghoon Chang},
  year=2006
}