Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15] [ 16] [ 17] [ 18]

@

Journal of Information Science and Engineering, Vol. 27 No. 4, pp. 1315-1327 (July 2011)

Preimage Attack on Reduced DHA-256*

JINMIN ZHONG AND XUEJIA LAI
Department of Computer Science and Engineering
Shanghai Jiao Tong University
Shanghai, 200240 P.R. China

DHA-256 (Double Hash Algorithm) was proposed at the Cryptographic Hash Workshop hosted by NIST in November 2005. DHA-256 is a dedicated hash function with output length of 256 bits and 64 steps of operations designed to enhance SHA-256 security. In this paper, we show an attack on 35-step DHA-256. The attack finds pseudo-preimage and preimage of 35-step DHA-256 with the time complexity of 2240 and 2249 compression function operations, respectively, and 216 x 11 words memory. To the best of our knowledge, this is the first paper that analyzes the preimage resistance of DHA-256.

Keywords: DHA-256, meet-in-the-middle, pseudo-preimage, preimage, hash function

Full Text () Retrieve PDF document (201107_08.pdf)

Received November 26, 2009; revised July 29, 2010; accepted September 13, 2010.
Communicated by Wen-Guey Tzeng.
* This paper was supported by NSFC under grants No. 60573032, 60773092 and 61073149, and by RFDP under grant No. 20090073110027.