International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Slide Attacks on a Class of Hash Functions

Michael Gorski
Stefan Lucks
Thomas Peyrin
Search ePrint
Search Google
Abstract: This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery attacks. In other cases, we can at least distinguish a given hash function from a random oracle. To illustrate our results, we describe attacks against the Grindahl-256 and Grindahl-512 hash functions. To the best of our knowledge, this is the first cryptanalytic result on Grindahl-512. Furthermore, we point out a slide-based distinguisher attack on a slightly modified version of RadioGatun. We finally discuss simple countermeasures as a defense against slide attacks.
  title={Slide Attacks on a Class of Hash Functions},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / slide attacks, hash function, Grindahl, RadioGatun, MAC, sponge function},
  note={ASIACRYPT 2008 14123 received 11 Jun 2008, last revised 1 Sep 2008},
  author={Michael Gorski and Stefan Lucks and Thomas Peyrin},