International Association for Cryptologic Research

Ph.D. Database

The aim of the IACR Ph.D. database is twofold. On the one hand, we want to offer an overview of Ph.D. theses already completed in the domain of cryptology. Where possible, this should also include a subject classification, an abstract, and access to the full text. On the other hand, it covers Ph.D. subjects currently under investigation. This way, we provide a timely map of contemporary research in cryptology. All entries or changes need to be approved by an editor. You can contact them via phds (at)


Thomas Peyrin (#500)
Name Thomas Peyrin
Personal Homepage
Topic of his/her doctorate. Analyse de fonctions de hachage cryptographiques
Category secret-key cryptography
Keywords hash functions, cryptanalysis
Ph.D. Supervisor(s) Henri Gilbert, Marc Girault
Year of completion 2008
Abstract Hash functions are one of the most useful primitives in cryptography, for example in authentication or message integrity solutions. In contrast to other tools from cryptography, these functions manipulate no secret. Nonetheless, they must fulfill some security properties such as collision resistance or preimage resistance. For several years, the typical building blocks of these functions have been the domain extension algorithm proposed by Merkle and Damgård with a dedicated compression function from the MD or SHA family. However, recent cryptanalysis works raised the community attention upon this domain. In response to these vulnerabilities, a call for submissions has just been organised by the NIST. Even if we also sat ourselves in the design side during our research time, we will mostly concentrate on hash functions cryptanalysis in this thesis. More precisely, we will analyse the collision search problem for the internal compression function. Firstly, we study and extend recent attacks on the standardized hash functions from the SHA family, by far the most utilized candidate in practice. Since the attacks considered here are quite complex, we concentrated our efforts in describing all the details needed for a good understanding of the reader. We present the best known practical attacks against SHA-0 and SHA-1. Then, we describe the first algorithm that finds collisions for the GRINDAHL family of hash functions, a new candidate based on innovative design concepts. Finally, we analyse the hash function FORK-256 and show that it cannot be considered as cryptographically strong.
E-Mail Address thomas.peyrin (at)
Last Change 2011-04-24 00:08:40

Contact: phds (at)
