Improved meet-in-the-middle Nostradamus attacks on AES-like hashing
The Nostradamus attack was originally proposed as a security vulnerability for a hash function by Kelsey and Kohno at EUROCRYPT 2006. It requires the attacker to commit to a hash value y of an iterated hash function H. Subsequently, upon being provided with a message prefix P, the adversary’s task i...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | English |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/178394 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-178394 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1783942024-06-24T15:35:01Z Improved meet-in-the-middle Nostradamus attacks on AES-like hashing Dong, Xiaoyang Guo, Jian Li, Shun Pham, Phuong Zhang, Tianyu School of Physical and Mathematical Sciences Mathematical Sciences Hash function Nostradamus attack The Nostradamus attack was originally proposed as a security vulnerability for a hash function by Kelsey and Kohno at EUROCRYPT 2006. It requires the attacker to commit to a hash value y of an iterated hash function H. Subsequently, upon being provided with a message prefix P, the adversary’s task is to identify a suffix S such that H(P∥S) equals y. Kelsey and Kohno demonstrated a herding attack requiring O(√n · 22n/3) evaluations of the compression function of H, where n represents the output and state size of the hash, placing this attack between preimage attacks and collision searches in terms of complexity. At ASIACRYPT 2022, Benedikt et al. transform Kelsey and Kohno’s attack into a quantum variant, decreasing the time complexity from O(√n · 22n/3) to O(3√n · 23n/7). At ToSC 2023, Zhang et al. proposed the first dedicated Nostradamus attack on AES-like hashing in both classical and quantum settings. In this paper, we have made revisions to the multi-target technique incorporated into the meet-in-the-middle automatic search framework. This modification leads to a decrease in time complexity during the online linking phase, effectively reducing the overall attack time complexity in both classical and quantum scenarios. Specifically, we can achieve more rounds in the classical setting and reduce the time complexity for the same round in the quantum setting. Ministry of Education (MOE) Published version This research is partially supported by the National Key R&D Program of China (Grants No. 2022YFB2701900) and Ministry of Education in Singapore under Grants RG93/23. Xiaoyang Dong is supported by National Key R&D Program of China (2022YFB2702804, 2018YFA0704701), the Natural Science Foundation of China (62272257, 62302250, 62202017), Shandong Key Research and Development Program (2020ZLYS09), the Major Scientific and Technological Innovation Project of Shandong, China (2019JZZY010133), the Major Program of Guangdong Basic and Applied Research (2019B030302008, 2022A1515140090), Key Research Project of Zhejiang Province, China (2023C01025). 2024-06-18T02:51:42Z 2024-06-18T02:51:42Z 2024 Journal Article Dong, X., Guo, J., Li, S., Pham, P. & Zhang, T. (2024). Improved meet-in-the-middle Nostradamus attacks on AES-like hashing. IACR Transactions On Symmetric Cryptology, 2024(1), 158-187. https://dx.doi.org/10.46586/tosc.v2024.i1.158-187 2519-173X https://hdl.handle.net/10356/178394 10.46586/tosc.v2024.i1.158-187 2-s2.0-85186905846 1 2024 158 187 en RG93/23 IACR Transactions on Symmetric Cryptology © 2024 The Author(s). Licensed under Creative Commons License CC-BY 4.0. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Mathematical Sciences Hash function Nostradamus attack |
| spellingShingle |
Mathematical Sciences Hash function Nostradamus attack Dong, Xiaoyang Guo, Jian Li, Shun Pham, Phuong Zhang, Tianyu Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| description |
The Nostradamus attack was originally proposed as a security vulnerability for a hash function by Kelsey and Kohno at EUROCRYPT 2006. It requires the attacker to commit to a hash value y of an iterated hash function H. Subsequently, upon being provided with a message prefix P, the adversary’s task is to identify a suffix S such that H(P∥S) equals y. Kelsey and Kohno demonstrated a herding attack requiring O(√n · 22n/3) evaluations of the compression function of H, where n represents the output and state size of the hash, placing this attack between preimage attacks and collision searches in terms of complexity. At ASIACRYPT 2022, Benedikt et al. transform Kelsey and Kohno’s attack into a quantum variant, decreasing the time complexity from O(√n · 22n/3) to O(3√n · 23n/7). At ToSC 2023, Zhang et al. proposed the first dedicated Nostradamus attack on AES-like hashing in both classical and quantum settings. In this paper, we have made revisions to the multi-target technique incorporated into the meet-in-the-middle automatic search framework. This modification leads to a decrease in time complexity during the online linking phase, effectively reducing the overall attack time complexity in both classical and quantum scenarios. Specifically, we can achieve more rounds in the classical setting and reduce the time complexity for the same round in the quantum setting. |
| author2 |
School of Physical and Mathematical Sciences |
| author_facet |
School of Physical and Mathematical Sciences Dong, Xiaoyang Guo, Jian Li, Shun Pham, Phuong Zhang, Tianyu |
| format |
Article |
| author |
Dong, Xiaoyang Guo, Jian Li, Shun Pham, Phuong Zhang, Tianyu |
| author_sort |
Dong, Xiaoyang |
| title |
Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| title_short |
Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| title_full |
Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| title_fullStr |
Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| title_full_unstemmed |
Improved meet-in-the-middle Nostradamus attacks on AES-like hashing |
| title_sort |
improved meet-in-the-middle nostradamus attacks on aes-like hashing |
| publishDate |
2024 |
| url |
https://hdl.handle.net/10356/178394 |
| _version_ |
1814047345114873856 |