05873536

j

05873536 Indesteege, Sebastiaan Preneel, Bart Practical collisions for EnRUPT. J. Cryptology 24, No. 1, 1-23 (2011). 2011 Springer-Verlag, New York, NY EN EnRUPT SHA-3 candidate Hash function collision attack Zbl 1209.68220

doi:10.1007/s00145-010-9058-x

Summary: This is an extended version of [the authors, in: Fast software encryption. 16th international workshop, FSE 2009, Leuven, Belgium, February 22--25, 2009. Revised selected papers. Berlin: Springer. Lecture Notes in Computer Science 5665, 246--259 (2009; Zbl 1209.68220)]. The EnRUPT hash functions were proposed by {\it S. O'Neil, K. Nohl} and {\it L. Henzen} [EnRUPT hash function specification. Submission to the NIST SHA-3 competition (2008); available online at \url{http://www.enrupt.com/SHA3/}] as candidates for the SHA-3 competition organised by NIST. The proposal contains seven concrete hash functions each with a different digest length. We present a practical collision attack on each of these seven EnRUPT variants. The time complexity of our attack varies from $2^{36}$ to $2^{40}$ round computations, depending on the EnRUPT variant, and the memory requirements are negligible. We demonstrate that our attack is practical by giving an actual collision example for EnRUPT-256.