New algorithm for relaxation constrains generation in the inversion problem of MD4-39 | Applied Discrete Mathematics. Supplement. 2018. № 11. DOI: 10.17223/2226308X/11/43

HomeIssuesNew algorithm for relaxation constrains generation in the inversion problem of MD4-39 | Applied Discrete Mathematics. Supplement. 2018. № 11. DOI: 10.17223/2226308X/11/43

New algorithm for relaxation constrains generation in the inversion problem of MD4-39

The paper presents the preimage attack on 39-step variant of the MD4 cryptographic hash-function (MD4-39) using new approach which can be considered as a development of the ideas proposed earlier by H. Dobbertin. Particularly, we search for special relaxation constraints which are used to simplify the equations corresponding to the problem of finding a preimage for a random MD4-39 hash value. These equations supplemented with the relaxation constraints are reduced to the Boolean Satisfiability Problem (SAT) and then solved using the SAT solvers. We suggest a new method for automatic generation of relaxation constraints by applying the black-box optimization to the function of a special kind, which evaluates the effectiveness of a set of relaxation constraints. The proposed method allows to find new relaxation constraints using which we manage to construct preimage attack on MD4-39 which in dozens of times outperforms the best known attack for considered function.

Download file
Counter downloads: 161

Keywords

криптографические хеш-функции, обращение хеш-функций, MD4, MD4-39, SAT, cryptographic hash functions, inversion problem of hash functions, MD4, MD4-39, SAT

Authors

NameOrganizationE-mail
Gribanova I. A.Institute of Dynamics of Systems and Control Theory V.M. Matrosov SB RASthe42dimension@gmail.com
Всего: 1

References

Glover F. and Laguna M. TABU Search. Kluwer, 1999.
Otpuschennikov I., Semenov A., Gribanova I., et al. Encoding cryptographic functions to SAT using TRANSALG system // Proc. ECAI2016 -22nd Europ. Conf. Artificial Intelligence. Hague, 2016. V.285. P. 1594-1595.
Отпущенников И. В., Семeнов А. А. Технология трансляции комбинаторных проблем в булевы уравнения // Прикладная дискретная математика. 2011. №1. С. 96-115.
Dobbertin H. The first two rounds of md4 are not one-way // LNCS. 1998. V. 1372. P. 284-292.
Gribanova I., Zaikin O., Otpuschennikov I., and Semenov A. Using parallel SAT solving algorithms to study the inversion of MD4 hash function // Proc. Parallel Computational Technologies. 2017. P. 100-109.
Wang X., Lai X., Feng D., et al. Cryptanalysis of the hash functions MD4 and RIPEMD // LNCS. 2005. V. 3494. P. 1-18.
De D., Kumarasubramanian A, and Venkatesan R. Inversion attacks on secure hash functions using SAT solvers // LNCS. 2007. V.4501. P. 377-382.
Rivest R. L. The MD4 message digest algorithm // LNCS. 1990. V. 537. P. 303-311.
Dowling W. F. and Gallier J. H. Linear-time algorithms for testing the satisfiability of propositional horn formulae // J. Logic Programming. 1984. V. 1. No. 3. P. 267-284.
New algorithm for relaxation constrains generation in the inversion problem of MD4-39 | Applied Discrete Mathematics. Supplement. 2018. № 11. DOI: 10.17223/2226308X/11/43

New algorithm for relaxation constrains generation in the inversion problem of MD4-39 | Applied Discrete Mathematics. Supplement. 2018. № 11. DOI: 10.17223/2226308X/11/43