On the Impact of Known-Key Attacks on Hash Functions

4 years 2 months ago
On the Impact of Known-Key Attacks on Hash Functions
Abstract. Hash functions are often constructed based on permutations or blockciphers, and security proofs are typically done in the ideal permutation or cipher model. However, once these random primitives are instantiated, vulnerabilities of these instantiations may nullify the security. At ASIACRYPT 2007, Knudsen and Rijmen introduced known-key security of blockciphers, which gave rise to many distinguishing attacks on existing blockcipher constructions. In this work, we analyze the impact of such attacks on primitive-based hash functions. We present and formalize the weak cipher model, which captures the case a blockcipher has a certain weakness but is perfectly random otherwise. A specific instance of this model, considering the existence of sets of B queries whose XOR equals 0 at bit-positions C, where C is an index set, covers a wide range of known-key attacks in literature. We apply this instance to the PGV compression functions, as well as to the Grøstl (based on two permutati...
Bart Mennink, Bart Preneel
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Authors Bart Mennink, Bart Preneel
Comments (0)