Cryptanalysis of Dynamic SHA(2)

14 years 22 days ago
Cryptanalysis of Dynamic SHA(2)
In this paper, we analyze the hash functions Dynamic SHA and Dynamic SHA2, which have been selected as first round candidates in the NIST hash function competition. These hash functions rely heavily on data-dependent rotations, similar to certain block ciphers, e.g., RC5. Our analysis suggests that in the case of hash functions, where the attacker has more control over the rotations, this approach is less favorable than in block ciphers. We present practical, or close to practical, collision attacks on both Dynamic SHA and Dynamic SHA2. Moreover, we present a preimage attack on Dynamic SHA that is faster than exhaustive search. Key words: Dynamic SHA, Dynamic SHA2, SHA-3 candidate, hash function, collision attack.
Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan
Added 27 May 2010
Updated 27 May 2010
Type Conference
Year 2009
Authors Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan Indesteege, Bart Preneel
Comments (0)