Cryptanalysis of the LAKE hash family

We analyse the security of the cryptographic hash function LAKE-256 proposed at FSE 2008 by Aumasson, Meier and Phan. By exploiting non-injectivity of some of the building primitives of LAKE, we show three different collision and near-collision attacks on the compression function. The first attack u...

Full description

Saved in:
Bibliographic Details
Main Authors: Biryukov, Alex, Gauravaram, Praveen, Guo, Jian, Khovratovich, Dmitry, Ling, San, Matusiewicz, Krystian, Nikoli´c, Ivica, Pieprzyk, Josef, Wang, Huaxiong
Other Authors: School of Physical and Mathematical Sciences
Format: Article
Language:English
Published: 2012
Subjects:
Online Access:https://hdl.handle.net/10356/94927
http://hdl.handle.net/10220/7722
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:We analyse the security of the cryptographic hash function LAKE-256 proposed at FSE 2008 by Aumasson, Meier and Phan. By exploiting non-injectivity of some of the building primitives of LAKE, we show three different collision and near-collision attacks on the compression function. The first attack uses differences in the chaining values and the block counter and finds collisions with complexity 233. The second attack utilizes differences in the chaining values and salt and yields collisions with complexity 242. The final attack uses differences only in the chaining values to yield near-collisions with complexity 299. All our attacks are independent of the number of rounds in the compression function. We illustrate the first two attacks by showing examples of collisions and near-collisions.