Preimage and Second-Preimage Attacks on PGV Hashing Modes of Round-Reduced ARIA, Camellia, and Serpent

Deukjo HONG  Bonwook KOO  Dong-Chan KIM  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E95-A   No.1   pp.372-380
Publication Date: 2012/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E95.A.372
Print ISSN: 0916-8508
Type of Manuscript: PAPER
Category: Cryptography and Information Security
ARIA,  Camellia,  Serpent,  hash function,  PGV,  preimage,  meet-in-the-middle,  

Full Text: PDF(781.8KB)>>
Buy this Article

We present pseudo-preimage attacks on Davis-Meyer mode of reduced rounds of the block ciphers ARIA, Camellia, and Serpent by using Sasaki's framework. They yield preimage or second-preimage attacks on PGV hashing modes. We develop proper initial structures for applying meet-in-the-middle techniques to the block ciphers, by considering their diffusion layers, and propose a method to find matching-check equations for indirect partial matching technique with a binary matrix. These works enable us to attack 5 rounds of ARIA, 7 rounds of Camellia, and 4 rounds of Serpent faster than brute force attack.