International Association for Cryptologic Research


CryptoDB

Chosen-Prefix Collisions on AES-like Hashing

Authors:
Shiyao Chen
Xiaoyang Dong
Jian Guo
Tianyu Zhang
Download:
DOI: 10.46586/tosc.v2024.i4.64-96
URL: https://tosc.iacr.org/index.php/ToSC/article/view/11951
Abstract: The chosen-prefix collision (CPC) attack was first presented by Stevens, Lenstra and de Weger on MD5 at Eurocrypt 2007. A CPC attack finds a collision for any two chosen prefixes, which is a stronger variant of the collision attack. CPCs are naturally harder to construct but have a larger practical impact than (identical-prefix) collisions, as seen from the series of previous works on MD5 by Stevens et al. and SHA-1 by Leurent and Peyrin. Despite its significance, resistance against CPC attacks has not been studied on AES-like hashing. In this work, we explore CPC attacks on AES-like hashing following the framework practiced on MD5 and SHA-1. Instead of the message modification technique developed for the MD-SHA family, we opt for the related-key rebound attack to construct collisions for AES-like hashing in view of its effectiveness. We also note that the CPC attack framework can be exploited to convert a specific class of one-block free-start collisions into two-block collisions, which sheds light on the importance of free-start collisions. As a result, we present the first CPC attacks on reduced Whirlpool, Saturnin-hash and AES-MMO/MP in classic and quantum settings, and extend the collision attack on Saturnin-hash from 5 to 6 rounds in the classic setting. As an independent contribution, we improve the memoryless algorithm for solving the 3-round inbound phase by Hosoyamada and Sasaki at Eurocrypt 2020, which leads to improved quantum attacks on Whirlpool. Notably, we find the first 6-round memoryless quantum collision attack on Whirlpool that is better than the generic CNS collision finding algorithm when exponential-size qRAM is not available but exponential-size classic memory is available.
BibTeX
@article{tosc-2024-34889,
  title={Chosen-Prefix Collisions on AES-like Hashing},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universität Bochum},
  volume={2024},
  pages={64-96},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/11951},
  doi={10.46586/tosc.v2024.i4.64-96},
  author={Shiyao Chen and Xiaoyang Dong and Jian Guo and Tianyu Zhang},
  year=2024
}