Paper 2008/467

Cryptanalysis of EnRUPT

Dmitry Khovratovich and Ivica Nikolic

Abstract

In this paper we present a preimage attack on EnRUPT-512. We exploit the fact that the internal state is only a little bit larger than the critical security level: 1152 bits against 1024 bits. The absence of a message expansion and a fairly simple compression function allow us to fix the values for some state words and thus reduce the size of birthday state space in the meet-in-the-middle attack under 1024 bits. Equations that arise through the analysis are solved using look-up tables. The complexity of the attack is around 2^{480} compression function calls and the memory requirement is around 2^{384}.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
hash functionscryptanalysissha-3
Contact author(s)
khovratovich @ gmail com
dmitry khovratovich @ uni lu
History
2008-11-18: received
Short URL
https://ia.cr/2008/467
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/467,
      author = {Dmitry Khovratovich and Ivica Nikolic},
      title = {Cryptanalysis of EnRUPT},
      howpublished = {Cryptology ePrint Archive, Paper 2008/467},
      year = {2008},
      note = {\url{https://eprint.iacr.org/2008/467}},
      url = {https://eprint.iacr.org/2008/467}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.