#### Filter Results:

#### Publication Year

1987

2016

#### Co-author

#### Key Phrase

#### Publication Venue

Learn More

1 Collisions for MD5 MD5 is the hash function designed by Ron Rivest [9] as a strengthened version of MD4[8]. In 1993 Bert den Boer and Antoon Bosselaers [1] found pseudo-collision for MD5 which is made of the same message with two different sets of initial value. H. Dobbertin[3] found another kind of collision which consists of two different 512-bit… (More)

A new secret-key block cipher is proposed as a candidate for a new encryption standard. In the proposed cipher, the plaintext and the ciphertext are 64 bit blocks, while the secret key is 128 bit long. The cipher is based on the design concept of mixing operations from diierent algebraic groups". The cipher structure was chosen to provide confusion and… (More)

This paper considers the security of iterated block ciphers against the diierential crypt-analysis introduced by Biham and Shamir. Diierential cryptanalysis is a chosen-plaintext attack on secret-key block ciphers that are based on iterating a cryptographically weak function r times e.g., the 16-round Data Encryption Standard DES. It is shown that the… (More)

MD4 is a hash function developed by Rivest in 1990. It serves as the basis for most of the dedicated hash functions such as MD5, SHAx, RIPEMD, and HAVAL. In 1996, Dobbertin showed how to find collisions of MD4 with complexity equivalent to 2 20 MD4 hash computations. In this paper, we present a new attack on MD4 which can find a collision with probability 2… (More)

Iterated hash functions based on block ciphers are treated. Five attacks on an iterated hash function and on its round function are formulated. The wisdom of strengthening such hash functions by constraining the last block of the message to be hashed is stressed. Schemes for constructing m-bit and 2m-bit hash round functions from m-bit block ciphers are… (More)

In this paper, we formalize an attack scheme using the key-dependent property, called key-dependent attack. In this attack, the intermediate value, whose distribution is key-dependent, is considered. The attack determines whether a key is right by conducting statistical hypothesis test of the intermediate value. The time and data complexity of the… (More)

The security of hash functions based on a block cipher with a block length of m bits and a key length of k bits, where k ≤ m, is considered. New attacks are presented on a large class of iterated hash functions with a 2m-bit hash result which processes in each iteration two message blocks using two encryptions. In particular, the attacks break three… (More)

- Xuejia Lai, James L Massey, Sean Murphy
- 1991

This paper considers the security of iterated block ciphers against the diierential cryptanalysis introduced by Biham and Shamir. Diierential cryptanalysis is a chosen-plaintext attack on secret-key block ciphers that are based on iterating a cryptographically weak function r times (e.g., the 16-round Data Encryption Standard (DES)). It is shown that the… (More)