[Resource Topic] 2006/116: Second Preimages for Iterated Hash Functions Based on a b-Block Bypass

Welcome to the resource topic for 2006/116

Second Preimages for Iterated Hash Functions Based on a b-Block Bypass

Authors: Mario Lamberger, Norbert Pramstaller, Vincent Rijmen


In this article, we present a second preimage attack on a double block-length hash proposal presented at FSE 2006. If the hash function is instantiated with DESX as underlying block cipher, we are able to construct second preimages deterministically. Nevertheless, this second preimage attack does not render the hash scheme insecure. For the hash scheme, we only show that it should not be instantiated with DESX but AES should rather be used. However, we use the instantiation of this hash scheme with DESX to introduce a new property of iterated hash functions, namely a so-called b-block bypass. We will show that if an iterated hash function possesses a b-block bypass, then this implies that second preimages can be constructed. Additionally, the attacker has more degrees of freedom for constructing the second preimage.

ePrint: https://eprint.iacr.org/2006/116

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .