International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Improved Semi-Free-Start Collision Attacks on RIPEMD-160

Authors:
Zhuolong Zhang , 1. School of Cyber Science and Technology, Shandong University, Qingdao, China; 2. State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China; 3. Quan Cheng Laboratory, Jinan, China
Muzhou Li , 1. School of Cyber Science and Technology, Shandong University, Qingdao, China; 2. State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China; 3. Quan Cheng Laboratory, Jinan, China
Haoyang Wang , Shanghai Jiao Tong University, Shanghai, China
Shiqi Hou , 1. State Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, CAS, Beijing, China; 2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
Wei Wang , 1. School of Cyber Science and Technology, Shandong University, Qingdao, China; 2. Quan Cheng Laboratory, Jinan, Chinaï¼›3. State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China
Meiqin Wang , 1. School of Cyber Science and Technology, Shandong University, Qingdao, China; 2. State Key Laboratory of Cryptography and Digital Economy Security, Shandong University, Qingdao, 266237, China
Download:
Search ePrint
Search Google
Conference: ASIACRYPT 2025
Abstract: As an ISO/IEC standard, RIPEMD-160 has been extensively studied for (Semi-Free-Start) collision attacks. A significant breakthrough was achieved at FSE 2024 with the first 41-, 42-, and 43-step SFS collision attacks, which leveraged an automatic search model (EUROCRYPT 2023) and a message modification strategy (FSE 2020). However, these attacks are limited by reliance on heuristic objective functions and suboptimal message modification techniques. This paper enhances the existing framework from two perspectives. Firstly, we refine the automatic search model by incorporating a holistic objective function that considers all critical probability components, moving beyond simple Hamming weight. Secondly, we introduce two generic techniques to further improve (SFS) collision attacks: the first application of differential clustering and a dedicated message modification strategy. As a result, we present the first valid SFS collision attack on 44-step RIPEMD-160. Additionally, we significantly reduce the time complexities of existing attacks on 41-, 42-, and 43-step variants, making it feasible to find colliding message pairs for 41- and 42-step versions within practical time for the first time.
BibTeX
@inproceedings{asiacrypt-2025-35941,
  title={Improved Semi-Free-Start Collision Attacks on RIPEMD-160},
  publisher={Springer-Verlag},
  author={Zhuolong Zhang and Muzhou Li and Haoyang Wang and Shiqi Hou and Wei Wang and Meiqin Wang},
  year=2025
}