Journal on Communications ›› 2014, Vol. 35 ›› Issue (2): 40-45. doi: 10.3969/j.issn.1000-436x.2014.02.006

• Academic Paper •

Preimage and pseudo-collision attacks on 29-step SM3 hash function with padding

Gao-li WANG, Yan-zhao SHEN

  1. School of Computer Science and Technology, Donghua University, Shanghai 201620, China;
  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Online: 2014-02-25 Published: 2017-07-25
  • Supported by:
    The National Natural Science Foundation of China; The National Natural Science Foundation of China; The Fundamental Research Funds for the Central Universities; The Opening Project of State Key Laboratory of Information Security of Institute of Information Engineering of Chinese Academy of Sciences

Abstract:

Based on the meet-in-the-middle technique, the security of the SM3 cryptographic hash function was re-evaluated, and a preimage attack and a pseudo-collision attack on 29-step SM3 (starting from the first step) with message padding were presented. The time complexity of the preimage attack on 29-step SM3 is $2^{254}$, and that of the pseudo-collision attack on 29-step SM3 is $2^{125}$. Therefore, 29-step SM3 with message padding, starting from the first step, is not immune to preimage and pseudo-collision attacks.

Key words: hash function, preimage attack, collision attack, meet-in-the-middle attack, SM3
