International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Improved Collision Attacks on the Reduced-Round Gr{\o}stl Hash Function

Authors:
Kota Ideguchi
Elmar Tischhauser
Bart Preneel
Download:
URL: http://eprint.iacr.org/2010/375
Search ePrint
Search Google
Abstract: We analyze the Gr{\o}stl hash function, which is a 2nd-round candidate of the SHA-3 competition. Using the start-from-the-middle variant of the rebound technique, we show collision attacks on the Gr{\o}stl-256 hash function reduced to 5 and 6 out of 10 rounds with time complexities $2^{48}$ and $2^{112}$, respectively. Furthermore, we demonstrate semi-free-start collision attacks on the Gr{\o}stl-224 and -256 hash functions reduced to 7 rounds and the Gr{\o}stl-224 and -256 compression functions reduced to 8 rounds. Our attacks are based on differential paths between the two permutations $P$ and $Q$ of Gr{\o}stl, a strategy introduced by Peyrin to construct distinguishers for the compression function. In this paper, we extend this approach to construct collision and semi-free-start collision attacks for both the hash and the compression function. Finally, we present improved distinguishers for reduced-round versions of the Gr{\o}stl-224 and -256 permutations.
BibTeX
@misc{eprint-2010-23276,
  title={Improved Collision Attacks on the Reduced-Round Gr{\o}stl Hash Function},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / hash functions},
  url={http://eprint.iacr.org/2010/375},
  note={ kota.ideguchi.yf@hitachi.com 14791 received 1 Jul 2010},
  author={Kota Ideguchi and Elmar Tischhauser and Bart Preneel},
  year=2010
}