Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL

Gaoli Wang; Shaohui Wang

doi:10.1007/978-3-642-02384-2_1

Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL

Gaoli Wang^*
, Shaohui Wang

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

HAVAL is a cryptographic hash function with variable hash value sizes proposed by Zheng, Pieprzyk and Seberry in 1992. It has 3, 4, or 5 passes, and each pass contains 32 steps. There was a collision attack on 5-pass HAVAL, but no second preimage attack. In this paper, we present a second preimage differential path for 5-pass HAVAL with probability 2^-227 and exploit it to devise a second preimage attack on 5-pass HAVAL . Furthermore, we utilize the path to recover the partial key of HMAC/NMAC-5-pass HAVAL with 2 ²³⁵ oracle queries and 2³⁵ memory bytes.

Original language	English
Title of host publication	Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings
Pages	1-13
Number of pages	13
DOIs	https://doi.org/10.1007/978-3-642-02384-2_1
State	Published - 2009
Externally published	Yes
Event	2nd International Conference on Cryptology in Africa, AFRICACRYPT 2009 - Gammarth, Tunisia Duration: 21 Jun 2009 → 25 Jun 2009

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5580 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	2nd International Conference on Cryptology in Africa, AFRICACRYPT 2009
Country/Territory	Tunisia
City	Gammarth
Period	21/06/09 → 25/06/09

Keywords

HAVAL
HMAC
Key-recovery
NMAC
Second preimage attack

Access to Document

10.1007/978-3-642-02384-2_1

Cite this

Wang, G., & Wang, S. (2009). Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL. In Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings (pp. 1-13). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5580 LNCS). https://doi.org/10.1007/978-3-642-02384-2_1

Wang, Gaoli ; Wang, Shaohui. / Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL. Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings. 2009. pp. 1-13 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{1f0f0afb2ad44c55848742e56a5592eb,

title = "Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL",

abstract = "HAVAL is a cryptographic hash function with variable hash value sizes proposed by Zheng, Pieprzyk and Seberry in 1992. It has 3, 4, or 5 passes, and each pass contains 32 steps. There was a collision attack on 5-pass HAVAL, but no second preimage attack. In this paper, we present a second preimage differential path for 5-pass HAVAL with probability 2-227 and exploit it to devise a second preimage attack on 5-pass HAVAL . Furthermore, we utilize the path to recover the partial key of HMAC/NMAC-5-pass HAVAL with 2 235 oracle queries and 235 memory bytes.",

keywords = "HAVAL, HMAC, Key-recovery, NMAC, Second preimage attack",

author = "Gaoli Wang and Shaohui Wang",

year = "2009",

doi = "10.1007/978-3-642-02384-2\_1",

language = "英语",

isbn = "3642023835",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "1--13",

booktitle = "Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings",

note = "2nd International Conference on Cryptology in Africa, AFRICACRYPT 2009 ; Conference date: 21-06-2009 Through 25-06-2009",

}

Wang, G & Wang, S 2009, Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL. in Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5580 LNCS, pp. 1-13, 2nd International Conference on Cryptology in Africa, AFRICACRYPT 2009, Gammarth, Tunisia, 21/06/09. https://doi.org/10.1007/978-3-642-02384-2_1

Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL. / Wang, Gaoli; Wang, Shaohui.
Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings. 2009. p. 1-13 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5580 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL

AU - Wang, Gaoli

AU - Wang, Shaohui

PY - 2009

Y1 - 2009

N2 - HAVAL is a cryptographic hash function with variable hash value sizes proposed by Zheng, Pieprzyk and Seberry in 1992. It has 3, 4, or 5 passes, and each pass contains 32 steps. There was a collision attack on 5-pass HAVAL, but no second preimage attack. In this paper, we present a second preimage differential path for 5-pass HAVAL with probability 2-227 and exploit it to devise a second preimage attack on 5-pass HAVAL . Furthermore, we utilize the path to recover the partial key of HMAC/NMAC-5-pass HAVAL with 2 235 oracle queries and 235 memory bytes.

AB - HAVAL is a cryptographic hash function with variable hash value sizes proposed by Zheng, Pieprzyk and Seberry in 1992. It has 3, 4, or 5 passes, and each pass contains 32 steps. There was a collision attack on 5-pass HAVAL, but no second preimage attack. In this paper, we present a second preimage differential path for 5-pass HAVAL with probability 2-227 and exploit it to devise a second preimage attack on 5-pass HAVAL . Furthermore, we utilize the path to recover the partial key of HMAC/NMAC-5-pass HAVAL with 2 235 oracle queries and 235 memory bytes.

KW - HAVAL

KW - HMAC

KW - Key-recovery

KW - NMAC

KW - Second preimage attack

UR - https://www.scopus.com/pages/publications/70350632967

U2 - 10.1007/978-3-642-02384-2_1

DO - 10.1007/978-3-642-02384-2_1

M3 - 会议稿件

AN - SCOPUS:70350632967

SN - 3642023835

SN - 9783642023835

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 1

EP - 13

BT - Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings

T2 - 2nd International Conference on Cryptology in Africa, AFRICACRYPT 2009

Y2 - 21 June 2009 through 25 June 2009

ER -

Wang G, Wang S. Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL. In Progress in Cryptology - AFRICACRYPT 2009 - Second International Conference on Cryptology in Africa, Proceedings. 2009. p. 1-13. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-02384-2_1

Second preimage attack on 5-Pass HAVAL and partial key-recovery attack on HMAC/NMAC-5-Pass HAVAL

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this