Preimages for the tillich-zémor hash function

Christophe Petit; Jean Jacques Quisquater

doi:10.1007/978-3-642-19574-7_20

Preimages for the tillich-zémor hash function

Christophe Petit^*, Jean Jacques Quisquater

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Zémor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function. We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time. Our attacks definitely break the Tillich-Zémor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure.

Original language	English
Title of host publication	Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers
Pages	282-301
Number of pages	20
DOIs	https://doi.org/10.1007/978-3-642-19574-7_20
Publication status	Published - 2011
Event	17th International Workshop on Selected Areas in Cryptography, SAC 2010 - Waterloo, ON, Canada Duration: 12 Aug 2010 → 13 Aug 2010

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	6544 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	17th International Workshop on Selected Areas in Cryptography, SAC 2010
Country/Territory	Canada
City	Waterloo, ON
Period	12/08/10 → 13/08/10

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-642-19574-7_20

Cite this

Petit, C., & Quisquater, J. J. (2011). Preimages for the tillich-zémor hash function. In Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers (pp. 282-301). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6544 LNCS). https://doi.org/10.1007/978-3-642-19574-7_20

@inproceedings{0c338dce1cff4a94aa556c83a290bce9,

title = "Preimages for the tillich-z{\'e}mor hash function",

abstract = "After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Z{\'e}mor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function. We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time. Our attacks definitely break the Tillich-Z{\'e}mor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure.",

author = "Christophe Petit and Quisquater, {Jean Jacques}",

year = "2011",

doi = "10.1007/978-3-642-19574-7_20",

language = "English",

isbn = "9783642195730",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "282--301",

booktitle = "Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers",

note = "17th International Workshop on Selected Areas in Cryptography, SAC 2010 ; Conference date: 12-08-2010 Through 13-08-2010",

}

Petit, C & Quisquater, JJ 2011, Preimages for the tillich-zémor hash function. in Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6544 LNCS, pp. 282-301, 17th International Workshop on Selected Areas in Cryptography, SAC 2010, Waterloo, ON, Canada, 12/08/10. https://doi.org/10.1007/978-3-642-19574-7_20

Preimages for the tillich-zémor hash function. / Petit, Christophe; Quisquater, Jean Jacques.
Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers. 2011. p. 282-301 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6544 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Preimages for the tillich-zémor hash function

AU - Petit, Christophe

AU - Quisquater, Jean Jacques

PY - 2011

Y1 - 2011

N2 - After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Zémor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function. We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time. Our attacks definitely break the Tillich-Zémor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure.

AB - After 15 years of unsuccessful cryptanalysis attempts by the research community, Grassl et al. have recently broken the collision resistance property of the Tillich-Zémor hash function. In this paper, we extend their cryptanalytic work and consider the preimage resistance of the function. We present two algorithms for computing preimages, each algorithm having its own advantages in terms of speed and preimage lengths. We produce theoretical and experimental evidence that both our algorithms are very efficient and succeed with a very large probability on the function parameters. Furthermore, for an important subset of these parameters, we provide a full proof that our second algorithm always succeeds in deterministic cubic time. Our attacks definitely break the Tillich-Zémor hash function and show that it is not even one-way. Nevertheless, we point out that other hash functions based on a similar design may still be secure.

UR - http://www.scopus.com/inward/record.url?scp=79952590519&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-19574-7_20

DO - 10.1007/978-3-642-19574-7_20

M3 - Conference contribution

AN - SCOPUS:79952590519

SN - 9783642195730

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 282

EP - 301

BT - Selected Areas in Cryptography - 17th International Workshop, SAC 2010, Revised Selected Papers

T2 - 17th International Workshop on Selected Areas in Cryptography, SAC 2010

Y2 - 12 August 2010 through 13 August 2010

ER -

Preimages for the tillich-zémor hash function

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this