In this paper we study the second preimage resistance of Hamsi-256, a second round SHA-3 candidate. We show that it is possible to find affine equations between some input bits and some output bits on the 3-round compression function. This property enables an attacker to find pseudo preimages for the Hamsi-256 compression function. The pseudo preimage algorithm can be used to find second preimages of the digests of messages M with complexity 2251.3, which is lower than the best generic attacks when M is short. © 2010 International Association for Cryptologic Research.
CITATION STYLE
Fuhr, T. (2010). Finding second preimages of short messages for Hamsi-256. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6477 LNCS, pp. 20–37). Springer Verlag. https://doi.org/10.1007/978-3-642-17373-8_2
Mendeley helps you to discover research relevant for your work.