New Techniques for Cryptanalysis of Hash Functions and Improved Attacks on Snefru

In 1989---1990, two new hash functions were presented, Snefru and MD4. Snefru was soon broken by the newly introduced differential cryptanalysis, while MD4 remained unbroken for several more years. As a result, newer functions based on MD4, e.g., MD5 and SHA-1, became the de-facto and international standards. Following recent techniques of differential cryptanalysis for hash function, today we know that MD4 is even weaker than Snefru. In this paper we apply recent differential cryptanalysis techniques to Snefru, and devise new techniques that improve the attacks on Snefru further, including using generic attacks with differential cryptanalysis, and using virtual messages with second preimage attacks for finding preimages. Our results reduce the memory requirements of prior attacks to a negligible memory, and present a preimage of 2-pass Snefru. Finally, some observations on the padding schemes of Snefru and MD4 are discussed.

[1]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[2]  Jean-Jacques Quisquater,et al.  How Easy is Collision Search? Application to DES (Extended Summary) , 1990, EUROCRYPT.

[3]  Ralph C. Merkle,et al.  A fast software one-way hash function , 1990, Journal of Cryptology.

[4]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[5]  Eli Biham,et al.  Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer , 1991, CRYPTO.

[6]  Hui Chen,et al.  Cryptanalysis of the Hash Functions MD4 and RIPEMD , 2005, EUROCRYPT.

[7]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[8]  Donald E. Knuth,et al.  The art of computer programming. Vol.2: Seminumerical algorithms , 1981 .

[9]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[10]  J. Pollard A monte carlo method for factorization , 1975 .

[11]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[12]  Bruce Schneier One-way hash functions , 1991 .

[13]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[14]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[15]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[16]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[17]  Gabriel Nivasch,et al.  Cycle detection using a stack , 2004, Inf. Process. Lett..

[18]  Paul C. van Oorschot,et al.  Parallel collision search with application to hash functions and discrete logarithms , 1994, CCS '94.

[19]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.