Collision Attack on the Full Extended MD4 and Pseudo-Preimage Attack on RIPEMD  被引量：3

作　　者：Gao-Li Wang 

机构地区：[1]School of Computer Science and Technology, Donghua University, Shanghai 201620, China [2]State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences Beijing 100093, China

出　　处：《Journal of Computer Science & Technology》2013年第1期129-143,共15页计算机科学技术学报（英文版）

基　　金：This work was supported by the National Natural Science Foundation of China under Grant No. 61103238, the ＂Chen Guang＂ project of Shanghai Municipal Education Commission and Shanghai Education Development Foundation of China under Grant No. 09CG29, and the Fundamental Research Funds for the Central Universities of China.

摘　　要：The cryptographic hash functions Extended MD4 and RIPEMD are double-branch hash functions, which consist of two parallel branches. Extended MD4 was proposed by Rivest in 1990, and RIPEMD was devised in the framework of the RIPE project （RACE Integrity Primitives Evaluation, 1988-1992）. On the basis of differential analysis and meet-in-the- middle attack principle, this paper proposes a collision attack on the full Extended MD4 and a pseudo-preimage attack on the full RIPEMD respectively. The collision attack on Extended MD4 holds with a complexity of 237, and a collision instance is presented. The pseudo-preimage attack on RIPEMD holds with a complexity of 21254, which optimizes the complexity order for brute-force attack. The results in this study will also be beneficial to the analysis of other double-branch hash functions such as RIPEMD-160.The cryptographic hash functions Extended MD4 and RIPEMD are double-branch hash functions, which consist of two parallel branches. Extended MD4 was proposed by Rivest in 1990, and RIPEMD was devised in the framework of the RIPE project （RACE Integrity Primitives Evaluation, 1988-1992）. On the basis of differential analysis and meet-in-the- middle attack principle, this paper proposes a collision attack on the full Extended MD4 and a pseudo-preimage attack on the full RIPEMD respectively. The collision attack on Extended MD4 holds with a complexity of 237, and a collision instance is presented. The pseudo-preimage attack on RIPEMD holds with a complexity of 21254, which optimizes the complexity order for brute-force attack. The results in this study will also be beneficial to the analysis of other double-branch hash functions such as RIPEMD-160.

关 键 词：collision attack preimage attack hash function Extended MD4 RIPEMD 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构] TP393.08[自动化与计算机技术—计算机科学与技术]