1 Collisions for MD5. MD5 is the hash function designed by Ron Rivest [9] as a strengthened version of MD4 [8]. In 1993 Bert den Boer and Antoon Bosselaers [1] found a pseudo-collision for MD5, which is made of the same message with two different sets of initial values. H. Dobbertin [3] found another kind of collision which consists of two different 512-bit…
A new secret-key block cipher is proposed as a candidate for a new encryption standard. In the proposed cipher, the plaintext and the ciphertext are 64-bit blocks, while the secret key is 128 bits long. The cipher is based on the design concept of "mixing operations from different algebraic groups". The cipher structure was chosen to provide confusion and di…
MD4 is a hash function developed by Rivest in 1990. It serves as the basis for most of the dedicated hash functions such as MD5, SHAx, RIPEMD, and HAVAL. In 1996, Dobbertin showed how to find collisions of MD4 with complexity equivalent to 2 MD4 hash computations. In this paper, we present a new attack on MD4 which can find a collision with probability 2−2…
Iterated hash functions based on block ciphers are treated. Five attacks on an iterated hash function and on its round function are formulated. The wisdom of strengthening such hash functions by constraining the last block of the message to be hashed is stressed. Schemes for constructing m-bit and 2m-bit hash round functions from m-bit block ciphers are…
In this paper, we propose a systematic method for finding impossible differentials for block cipher structures, better than the U-method introduced by Kim et al. [4]. It is referred to as a unified impossible differential finding method (UID-method). We apply the UID-method to some popular block ciphers such as Gen-Skipjack, Gen-CAST256, Gen-MARS, Gen-RC6,…
Keccak is one of the five hash functions selected for the final round of the SHA-3 competition, and its inner primitive is a permutation called Keccak-f. In this paper, we find that for the inverse of the only nonlinear transformation of Keccak-f, the algebraic degrees of any output coordinate and of the product of any two output coordinates are both 3…
The family of WG stream ciphers has good randomness properties. In this paper, we parameterize the WG-7 stream cipher for RFID tags, where the modest computation/storage capabilities and the necessity to keep their prices low present a challenging problem that goes beyond the well-studied cryptography. The rigorous security analysis of WG-7 indicates that it is…
The white-box attack context is the setting in which the attacker has total access to the software execution and can observe or manipulate the dynamic execution of whole or part of the algorithms. In order to protect AES software operated in such a context, Chow et al. designed an obfuscated AES implementation with a set of key-dependent look-up tables, which was…
In this paper, we present a fast attack algorithm to find a two-block collision of the hash function MD5. The algorithm is based on the two-block collision differential path of MD5 that was presented by Wang et al. at the EUROCRYPT 2005 conference. We found that the derived conditions for the desired collision differential path were not sufficient to guarantee…