http://dx.doi.org/10.13089/JKIISC.2002.12.4.55

On the Security of reduced versions of 3-pass HAVAL

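박상우 (National Security Research Institute)
성수학 (Pai Chai University, Department of Computer and Information Mathematics)
지성택 (National Security Research Institute)
윤이중 (National Security Research Institute)
임종인 (Korea University, Graduate School of Information Security)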
Abstract
HAVAL is a dedicated hash function of the MD family, proposed by Zheng et al. HAVAL compresses a message of arbitrary length into a hash value of 128, 160, 192, 224, or 256 bits. HAVAL has a parameter that controls the number of passes in which a 1024-bit message block is processed. A message block can be processed in 3, 4, or 5 passes. When a message block is processed in three passes, we call this 3-pass HAVAL. There are therefore three kinds of HAVAL: 3-pass HAVAL, 4-pass HAVAL, and 5-pass HAVAL. In this paper, we study the security of reduced versions of 3-pass HAVAL. We propose a method for finding collisions for the first two passes of 3-pass HAVAL and for the last two passes of 3-pass HAVAL. This approach of reducing the number of passes is similar to the initial attacks on MD4. We denote the first two passes of 3-pass HAVAL as HAVAL-12 and the last two passes of 3-pass HAVAL as HAVAL-23.
Keywords
Hash function; Collision resistance; Collisions
References
1. Yuliang Zheng, Josef Pieprzyk, Jennifer Seberry, "HAVAL - A One-Way Hashing Algorithm with Variable Length of Output," in Jennifer Seberry and Yuliang Zheng (eds.), Lecture Notes in Computer Science.
2. National Institute of Standards and Technology, FIPS PUB 180-1: Secure Hash Standard.
3. Hans Dobbertin, "RIPEMD with two-round compress function is not collision-free," Journal of Cryptology.
4. Bert den Boer, Antoon Bosselaers, "Collisions for the compression function of MD5," in Tor Helleseth (ed.), Lecture Notes in Computer Science.
5. Bert den Boer, Antoon Bosselaers, "An attack on the last two rounds of MD4," in Joan Feigenbaum (ed.), Lecture Notes in Computer Science.
6. P. R. Kasselman, W. T. Penzhorn, "Cryptanalysis of reduced version of HAVAL," Electronics Letters.
7. Ronald L. Rivest, "The MD5 message digest algorithm," Request for Comments (RFC) 1321, April. Internet Activities Board, Internet Privacy Task Force.
8. Ronald L. Rivest, "The MD4 message digest algorithm," in Alfred J. Menezes and Scott A. Vanstone (eds.), Lecture Notes in Computer Science.
9. Hans Dobbertin, Antoon Bosselaers, Bart Preneel, RIPEMD-160: A strengthened version of RIPEMD.
10. Hans Dobbertin, "Cryptanalysis of MD4," Journal of Cryptology.
11. Thomas A. Berson, "Differential cryptanalysis mod 2^32 with applications to MD5," in Rainer A. Rueppel (ed.), Lecture Notes in Computer Science.
12. Christophe Debaert, Henri Gilbert, "The RIPEMD L and RIPEMD R improved variants of MD4 are not collision free," in Preproceedings of FSE 2001, 8th Fast Software Encryption Workshop.
13. Research and Development in Advanced Communications Technologies in Europe, "RIPE - Integrity primitives for secure information systems," Final Report of RACE Integrity Primitives Evaluation (R1040).
14. Serge Vaudenay, "On the need for multipermutations: Cryptanalysis of MD4 and SAFER," in Bart Preneel (ed.), Lecture Notes in Computer Science.