Abstract
After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Zémor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function. We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time. Our attacks definitely break the Tillich-Zémor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure. © 2011 Springer-Verlag Berlin Heidelberg.
Cite
CITATION STYLE
Petit, C., & Quisquater, J. J. (2011). Preimages for the tillich-zémor hash function. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6544 LNCS, pp. 282–301). https://doi.org/10.1007/978-3-642-19574-7_20
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
