Abstract
An r-collision for a function is a set of r distinct inputs with identical outputs. Actually finding r-collisions for a random map over a finite set of cardinality N requires at least about N (r − 1)/r units of time on a sequential machine. For r=2, memoryless and well-parallelizable algorithms are known. The current paper describes memory-efficient and parallelizable algorithms for r ≥ 3. The main results are: (1) A sequential algorithm for 3-collisions, roughly using memory N α and time N 1 − α for α ≤ 1/3. In particular, given N 1/3 units of storage, one can find 3-collisions in time N 2/3. (2) A parallelization of this algorithm using N 1/3 processors running in time N 1/3, where each single processor only needs a constant amount of memory. (3) A generalisation of this second approach to r-collisions for r ≥ 3: given N s parallel processors, with s ≤ (r − 2)/r, one can generate r-collisions roughly in time N ((r − 1)/r) − s, using memory N ((r − 2)/r) − s on every processor.
Chapter PDF
Similar content being viewed by others
References
Arbitman, Y., Naor, M., Segev, G.: De-amortized cuckoo hashing: Provable worst-case performance and experimental results. In: Albers, S., Marchetti-Spaccamela, A., Matias, Y., Niko-letsea, S. (eds.) ICALP 2009. LNCS, vol. 5556, pp. 411–422. Springer, Heidelberg (2009)
Coppersmith, D.: Another birthday attack. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 14–17. Springer, Heidelberg (1986)
Ferguson, N., Lucks, S.: Attacks on AURORA-512 and the double-mix Merkle-Damgård transform. Cryptology ePrint Archive, Report 2009/113 (2009)
Flajolet, P., Odlyzko, A.M.: Random mapping statistics. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 329–354. Springer, Heidelberg (1990)
Hellman, M.E.: A cryptanalytic time-memory trade-off. IEEE Transactions on Information Theory 26(4), 401–406 (1980)
Hoch, J.J., Shamir, A.: Breaking the ICE - finding multicollisions in iterated concatenated and expanded (ICE) hash functions. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 179–194. Springer, Heidelberg (2006)
Hoch, J.J., Shamir, A.: On the strength of the concatenated hash combiner when all the hash functions are weak. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 616–630. Springer, Heidelberg (2008)
Iwata, T., Shibutani, K., Shirai, T., Moriai, S., Akishita, T.: AURORA: a cryptographic hash algorithm family. Submission to NIST’s SHA-3 competition (2008)
Joux, A.: Multicollisions in iterated hash functions. application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)
Mendel, F.: Preimage attack on Blender, http://ehash.iaik.tugraz.at/wiki/Blender
Mendel, F., Rechberger, C., Schläffer, M.: Cryptanalysis of twister. In: Proceedings of ACNS. Springer, Heidelberg (to appear), http://ehash.iaik.tugraz.at/wiki/Twister
Mendel, F., Thomsen, S.S.: An observation on JH-512, http://ehash.iaik.tugraz.at/wiki/JH
Nandi, M., Stinson, D.R.: Multicollision attacks on some generalized sequential hash functions. IEEE Transactions on Information Theory 53(2), 759–767 (2007)
Newbold, C.: Observations and attacks on the SHA-3 candidate Blender, http://ehash.iaik.tugraz.at/wiki/Blender
Nivasch, G.: Cycle detection using a stack. Information Processing Letter 90(3), 135–140 (2004)
Pagh, R., Rodler, F.F.: Cuckoo hashing. J. Algorithms 51(2), 122–144 (2004)
Preneel, B.: Analysis and Design of Cryptographic Hash Functions. PhD thesis, KU Leuven (1993)
Quisquater, J.-J., Delescaille, J.-P.: Other cycling tests for DES. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 255–256. Springer, Heidelberg (1988)
Quisquater, J.-J., Delescaille, J.-P.: How easy is collision search? Application to DES. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 429–434. Springer, Heidelberg (1990)
Quisquater, J.-J., Delescaille, J.-P.: How easy is collision search. New results and applications to DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 408–413. Springer, Heidelberg (1990)
Sasaki, Y.: A collision attack on AURORA-512. Cryptology ePrint Archive, Report 2009/106 (2009)
Suzuki, K., Tonien, D., Kurosawa, K., Toyota, K.: Birthday paradox for multi-collisions. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol. 4296, pp. 29–40. Springer, Heidelberg (2006)
van Oorschot, P.C., Wiener, M.: A known-plaintext attack on two-key triple encryption. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 318–325. Springer, Heidelberg (1991)
van Oorschot, P.C., Wiener, M.J.: Parallel collision search with application to hash functions and discrete logarithms. In: ACM CCS 1994, Fairfax, Virginia, USA, pp. 210–218. ACM Press, New York (1994)
van Oorschot, P.C., Wiener, M.: Improving implementable meet-in-the-middle attacks by orders of magnitude. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 229–236. Springer, Heidelberg (1996)
van Oorschot, P.C., Wiener, M.: On diffie-hellman key agreement with short exponents. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 332–343. Springer, Heidelberg (1996)
van Oorschot, P.C., Wiene, M.J.: Parallel collision search with cryptanalytic applications. Journal of Cryptology 12(1), 1–28 (1999)
Wiener, M.J.: The full cost of cryptanalytic attacks. Journal of Cryptology 17(2), 105–124 (2004)
Wu, H.: The complexity of Mendel and Thomsen’s preimage attack on JH-512, http://ehash.iaik.tugraz.at/wiki/JH
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Joux, A., Lucks, S. (2009). Improved Generic Algorithms for 3-Collisions. In: Matsui, M. (eds) Advances in Cryptology – ASIACRYPT 2009. ASIACRYPT 2009. Lecture Notes in Computer Science, vol 5912. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10366-7_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-10366-7_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10365-0
Online ISBN: 978-3-642-10366-7
eBook Packages: Computer ScienceComputer Science (R0)