Abstract
In this paper, we propose cryptanalysis of the hash function Cheetah-256. Cheetah is accepted as a first round candidate of SHA-3 competition hosted by NIST [1], but it is not in the second round. First, we discuss relation between degrees of freedom injected from round message blocks and round number of a pseudo-collision attack on hash functions with S boxes and MDS diffusion. A pseudo-collision attack on 8-round Cheetah-256 can be derived by trivially applying original rebound techniques. Then, we propose a rebound differential path for semi-free start collision attack on 12-round Cheetah-256 and an observation of the neutral bytes' influence on state values. Based on this observation, algebraic message modifications are designed using the neutral bytes and total complexity is reduced to 224. This is a practical rebound attack. © 2010 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Wu, S., Feng, D., & Wu, W. (2010). Practical rebound attack on 12-round cheetah-256. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5984 LNCS, pp. 300–314). https://doi.org/10.1007/978-3-642-14423-3_20
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
