Разностные уравнения для алгоритмов хэширования семейства MDx

Creating a hash function cryptographers almost never provethe selection of algorithmic blocks, the order of blocks. The hash-function HAVAL proposedin 1992 is probably the only exception from this rule.This hash-function is constructedof blocks with specific properties such as strong independence of output bits, strongavalanche effect, 0-1 balance and others for Boolean functions, and the result hash functionwas proposed to be cryptographically strong. But time had shown that it is not true.The papers, proposing other popular hash-functions such as MD4, MD5, SHA-0, SHA-1,SHA-2, RIPEMD, GOST 34.11-94 and others, do not contain any proof for choice of elements.The algorithms used in construction of the hash-family of MDx contain constantvalues, addition modulo 232, rotations and primitive Boolean functions, chosen by the author.The cryptanalytics almost had not undertaken yet any attempts to prove the choiceof elements and if it is possible to change them to improve the cryptographic propertiesof the algorithm. The main target of this paper is an analysis of how primitive Booleanfunctions and rotations influence the resistance of MD5 to differential attacks.

Ключевые слова

Авторы

Ссылки