Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
FSE
2008
Springer
2008
Springer
Cryptanalysis of LASH
We show that the LASH-x hash function is vulnerable to attacks that trade time for memory, including collision attacks as fast as 2(4x/11) and preimage attacks as fast as 2(4x/7) . Moreover, we briefly mention heuristic lattice based collision attacks that use small memory but require very long messages that are expected to find collisions much faster than 2x/2 . All of these attacks exploit the designers' choice of an all zero IV. We then consider whether LASH can be patched simply by changing the IV. In this case, we show that LASH is vulnerable to a 2(7x/8) preimage attack. We also show that LASH is trivially not a PRF when any subset of input bytes is used as a secret key. None of our attacks depend upon the particular contents of the LASH matrix
Real-time Traffic| Added | 26 Oct 2010 |
| Updated | 26 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | FSE |
| Authors | Ron Steinfeld, Scott Contini, Krystian Matusiewicz, Josef Pieprzyk, Jian Guo, San Ling, Huaxiong Wang |
Comments (0)
Researcher Info
|
