Krystian Matusiewicz

Learn More
Grøstl is a SHA-3 candidate proposal. Grøstl is an iterated hash function with a compression function built from two fixed, large, distinct permutations. The design of Grøstl is transparent and based on principles very different from those used in the SHA-family. The two permutations are constructed using the wide trail design strategy, which makes it(More)
Notice: Changes introduced as a result of publishing processes such as copy-editing and formatting may not be reflected in this document. For a definitive version of this work, please refer to the published source: Abstract. This paper introduces our dedicated authenticated encryption scheme ICEPOLE. ICE-POLE is a high-speed hardware-oriented scheme,(More)
BLAKE is a hash function selected by NIST as one of the 14 second round candidates for the SHA-3 Competition. In this paper, we follow a bottom-up approach to exhibit properties of BLAKE and of its building blocks: based on differential properties of the internal function G, we show that a round of BLAKE is a permutation on the message space, and present an(More)
In this work, we apply the rebound attack to the AES based SHA-3 candidate Lane. The hash function Lane uses a permutation based compression function, consisting of a linear message expansion and 6 parallel lanes. In the rebound attack on Lane, we apply several new techniques to construct a collision for the full compression function of Lane-256 and(More)
In this paper we analyse the role of some of the building blocks of SHA-256. We show that the disturbance-correction strategy is applicable to the SHA-256 architecture and we prove that functions Σ, σ are vital for the security of SHA-256 by showing that for a variant without them it is possible to find collisions with complexity 2 64 hash operations. As a(More)
In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression(More)
We present several attacks on the block cipher C2, which is used for encrypting DVD Audio discs and Secure Digital cards. C2 has a 56 bit key and a secret 8 to 8 bit S-box. We show that if the attacker is allowed to choose the key, the S-box can be recovered in 2 24 C2 en-cryptions. Attacking the 56 bit key for a known S-box can be done in complexity 2 48.(More)