An attack on hash function HAVAL-128

In this paper, we give a fast attack against the hash function HAVAL-128. HAVAL was presented by Y. L. Zheng et al. at AUSCRYPT'92. It can be processed in 3, 4 or 5 passes, and produces a 128-, 160-, 192-, or 224-bit fingerprint. We break HAVAL with a 128-bit fingerprint. The conclusion is that, given any 1024-bit message m, we need only make some modifications to m, and the modified message m then collides with another message m′ with probability 1/2^7, where m′ = m + Δm and Δm is a fixed difference selected in advance. In addition, two collision examples for HAVAL-128 are given in this paper.
