Paper 2013/584

Cryptanalysis of GOST R Hash Function

Zongyue Wang, Hongbo Yu, and Xiaoyun Wang

Abstract

GOST R is the hash function standard of Russia. This paper presents some cryptanalytic results on GOST R. Using the rebound attack technique, we achieve collision attacks on the reduced round compression function. Result on up to 9.5 rounds is proposed, the time complexity is 2^{176} and the memory requirement is 2^{128} bytes. Based on the 9.5-round collision result, a limited birthday distinguisher is presented. More over, a method to construct k collisions on 512-bit version of GOST R is given which show the weakness of the structure used in GOST R. To the best of our knowledge, these are the first results on GOST R.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Contact author(s)
zongyuewang @ mail sdu edu cn
History
2013-09-14: received
Short URL
https://ia.cr/2013/584
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/584,
      author = {Zongyue Wang and Hongbo Yu and Xiaoyun Wang},
      title = {Cryptanalysis of GOST R Hash Function},
      howpublished = {Cryptology ePrint Archive, Paper 2013/584},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/584}},
      url = {https://eprint.iacr.org/2013/584}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.