The Second-Preimage Attack on MD4

@inproceedings{Yu2005TheSA,
  title={The Second-Preimage Attack on MD4},
  author={Hongbo Yu and Gaoli Wang and Guoyan Zhang and Xiaoyun Wang},
  booktitle={CANS},
  year={2005}
}
In Eurocrypt’05, Wang et al. presented new techniques to find collisions of Hash function MD4. The techniques are not only efficient to search for collisions, but also applicable to explore the second- preimage of MD4. About the second-preimage attack, they showed that a random message was a weak message with probability 2−122 and it only needed a one-time MD4 computation to find the second-preimage corresponding to the weak message. A weak message means that there exits a more efficient attack… 
Collision Attack on the Full Extended MD4 and Pseudo-Preimage Attack on RIPEMD
  • G. Wang
  • Computer Science, Mathematics
    Journal of Computer Science and Technology
  • 2013
TLDR
A collision attack on the full Extended MD4 and a pseudo-preimage attack onThe full RIPEMD respectively are proposed, which optimizes the complexity order for brute-force attack.
Pseudo-Cryptanalysis of Luffa
TLDR
It is noted that, the pseudo-collision pairs and the pseudosecond images can be found easily by computing the inverse of the message injection function at the beginning of Luffa, and is directly converted to the forgery attack on NMAC in related key cases.
MD4 is Not One-Way
TLDR
This paper shows a partial pseudo-preimage attack on the compression function of MD4, using some ideas from previous cryptanalysis ofMD4, and is believed to be the first pre image attack on a member of the MD4 family.
Advanced Meet-in-the-Middle Preimage Attacks: First Results on Full Tiger, and Improved Results on MD4 and SHA-2
TLDR
The results are the best known preimage attacks on Tiger, MD4, and reduced SHA-2, with the result on Tiger being the first cryptanalytic shortcut attack on the full hash function.
Collision Attack for the Hash Function Extended MD4
TLDR
This work gives a collision attack on the full Extended MD4 with a complexity of about 237, and provides a new reference to the collision analysis of other hash functions such as RIPEMD-160 etc. which consist of two lines.
Second-Preimage Analysis of Reduced SHA-1
TLDR
This paper reduces the complexity of a 2nd-preimage shortcut attack on 34-step SHA-1 from an impractically high complexity to practical complexity, by giving two examples.
Preimages for Reduced SHA-0 and SHA-1
TLDR
This paper examines the resistance of the popular hash function SHA-1 and its predecessor SHA-0 against dedicated preimage attacks and develops two new cryptanalytic techniques that obtain preimage-style shortcuts attacks for up to 45 steps ofSHA-1, and up to 50 steps of SHA- 0.
New Message Differences for Collision Attacks on MD4 and MD5
TLDR
This paper proposes new message differences for collision attacks on MD4 and MD5 that can generate a collision with complexity of less than two MD4 computations, which is faster than the original Wang et al.'s attack, and moreover, than the all previous attacks.
Multi-differential Cryptanalysis on Reduced DM-PRESENT-80: Collisions and Other Differential Properties
TLDR
The current paper studies differential properties of the compression function of reduced-round DM-PRESENT-80, which was proposed at CHES 2008 as a lightweight hash function with 64-bit digests and success lies in the detailed analysis of the data transition, where the internal state and message values are carefully chosen.
Improved preimage attack on one-block MD4
...
...

References

SHOWING 1-10 OF 24 REFERENCES
How to Break MD5 and Other Hash Functions
TLDR
A new powerful attack on MD5 is presented, which unlike most differential attacks, does not use the exclusive-or as a measure of difference, but instead uses modular integer subtraction as the measure.
The First Two Rounds of MD4 are Not One-Way
TLDR
It is explored how the recently developed new analytic methods for finding collisions can be applied to construct preimages or second preimages for MD4 and its successors.
An attack on hash function HAVAL-128
TLDR
A fast attack against hash function—HAVAL-128, where, given any 1024-bit message m, the modified message m can collide with another message m′ only with probability 1/27, where m′=m+Δm, in which Δm is a fixed difference selected in advance.
An attack on hash function HAVAL-128
TLDR
A fast attack against hash function—HAVAL-128, where, given any 1024-bit message m, the modified message m can collide with another message m′ only with probability 1/27, where m′=m+Δm, in which Δm is a fixed difference selected in advance.
Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings
  • R. Cramer
  • Computer Science, Mathematics
    EUROCRYPT
  • 2005
TLDR
This paper discusses Cryptography in High Dimensional Tori, a Tool Kit for Finding Small Roots of Bivariate Polynomials over the Integers, and reducing Complexity Assumptions for Statistically-Hiding Commitment.
Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings
  • V. Shoup
  • Computer Science, Mathematics
    CRYPTO
  • 2005
TLDR
This work discusses efficient Collision Search Attacks on SHA-0, one-Way Secret-Key Agreement and Applications to Circuit Polarization and Immunization of Public-Key Encryption, and more.
HAVAL - A One-Way Hashing Algorithm with Variable Length of Output
TLDR
This paper proposes a one-way hashing algorithm called HAVAL, which compresses a message of arbitrary length into a fingerprint of 128, 160, 192, 224 or 256 bits, and is very efficient and particularly suited for 32-bit computers which predominate the current workstation market.
Finding Collisions in the Full SHA-1
TLDR
This is the first attack on the full 80-step SHA-1 with complexity less than the 280 theoretical bound, and it is shown that collisions ofSHA-1 can be found with complexityLess than 269 hash operations.
Integrity Primitives for Secure Information Systems
This is a manual intended for those seeking to secure information systems by applying modern cryptography. It represents the successful at tainment of goals by RIPE (RACE Integrity Primitives
Efficient Collision Search Attacks on SHA-0
TLDR
Using the new techniques, this paper can find collisions of the full 80-step SHA-0 with complexity less than 239 hash operations.
...
...