This paper presents a novel pre-image attack on SHA-3 candidate Spectral Hash (shash), which was until now thought to be resistant to pre-image attacks. PTX (Permute Transform XOR) functions are an idealisation of shash  in which its pseudorandom functions have been replaced with random oracles. We extend our previous practical collision attacks on PTX functions to practical pre-image attacks against all PTX functions . As shown in our previous work, the security of shash depends on the security of PTX functions, thus our result also applies to the pre-image security of shash. Our technique is to use the chaining variable collision introduced in our previous attack, which reduces PTX functions, under a special set of inputs, to a series of random oracles XORed together. PT X(x) = RO(x0)⊕RO(x1)...⊕RO(xm) Note that while this property does not hold for every input x, it does hold for an infinite number of them. Finding a set of inputs to those random oracles such that the outputs, y = RO(x), are an orthogonal basis of the output space is trivial . Using this basis we span the entire output space of the hash function, therefore we can generate arbitrary outputs of our choosing. That is, for any output, we can compute a pre-image in constant time. BODY We break the pre-image security of PTX and shash by reducing it to the trivially solvable problem  of finding independent random vectors.
 Ethan Heilman. Attacks Against Permute-Transform-Xor Compression Functions and Spectral Hash , 2009, IACR Cryptol. ePrint Arch..