Journal of Computer Science and Technology, 2013, Vol. 28, Issue 1: 159-164. doi: 10.1007/s11390-013-1320-x

Information Security

Cryptanalysis of Reduced-Round DASH

Shu-Sheng Liu (刘树生), Zheng Gong* (龚征), and Li-Bin Wang (王立斌), Member, CCF

1. School of Computer Science, South China Normal University, Guangzhou 510631, China

Received: 2012-02-27; Revised: 2012-06-29; Online: 2013-01-05; Published: 2013-01-05

Supported by: The work is supported by the National Natural Sciences Foundation of China under Grant No. 61100201 and the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province of China under Grant No. LYM11053.

The hash family DASH was proposed by Billet et al. at ACISP 2008; its design draws on Rijndael and RC6. The DASH family has two variants, with 256-bit and 512-bit output lengths respectively. This paper presents the first third-party cryptanalysis of DASH-256, focusing on the underlying block cipher A256. In particular, we study distinguishers built from differential and boomerang attacks. As a result, we obtain a distinguishing attack on the compression function of DASH-256 with 8-round A256 using differential cryptanalysis. Finally, we obtain a boomerang distinguisher for 9-round A256.
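The distinguishers the abstract refers to rest on one measurable property: for a boomerang quartet (P, P ^ alpha, and the two decryptions of the ciphertexts shifted by delta) the returned plaintext difference equals alpha far more often than the 2^-n that a random permutation would give. The following is an added illustration, not code from the paper and not A256 or DASH: it counts returning quartets exhaustively on a constructed 16-bit toy SPN (PRESENT S-box, the classic 16-bit bit permutation), alongside the DDT and BCT helpers used to predict such counts. The toy cipher, its round keys and the chosen differences alpha and delta are this example's own assumptions and say nothing about A256 itself.

```python
# Added illustration (not from the paper): exhaustive boomerang-quartet counting
# on a constructed 16-bit toy SPN. The cipher, keys and differences below are
# this example's own choices; the toy is NOT A256/DASH.

BLOCK_BITS = 16
N = 1 << BLOCK_BITS

# PRESENT S-box, used here only as a convenient real 4-bit S-box.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
SBOX_INV = [SBOX.index(i) for i in range(16)]
# Bit permutation of the classic 16-bit teaching SPN: bit i -> bit 4*i mod 15, bit 15 fixed.
# It is an involution, so the same table also inverts it.
PERM = [(4 * i) % 15 for i in range(15)] + [15]
KEYS = (0x3A94, 0xC5E1, 0x7D2B)  # constructed round keys k0, k1, k2


def sub_layer(x, box):
    """Apply a 4-bit S-box to each of the four nibbles of a 16-bit word."""
    return sum(box[(x >> (4 * i)) & 0xF] << (4 * i) for i in range(4))


def perm_layer(x):
    """Move bit i of x to bit PERM[i]."""
    y = 0
    for i in range(BLOCK_BITS):
        if (x >> i) & 1:
            y |= 1 << PERM[i]
    return y


# Whole-word lookup tables so the 65536-plaintext sweeps below stay fast.
S_TABLE = [sub_layer(x, SBOX) for x in range(N)]
S_INV_TABLE = [sub_layer(x, SBOX_INV) for x in range(N)]
P_TABLE = [perm_layer(x) for x in range(N)]


def encrypt(p, keys=KEYS):
    """Two-round toy SPN split as E = E1 o E0: E0 = (k0, S, P), E1 = (k1, S, k2)."""
    k0, k1, k2 = keys
    x = P_TABLE[S_TABLE[p ^ k0]]          # E0
    return S_TABLE[x ^ k1] ^ k2           # E1


def decrypt(c, keys=KEYS):
    k0, k1, k2 = keys
    x = S_INV_TABLE[c ^ k2] ^ k1          # E1^-1
    return S_INV_TABLE[P_TABLE[x]] ^ k0   # E0^-1 (P is its own inverse)


def encrypt_one_layer(p, keys=KEYS):
    """A single S-box layer between two key additions (used to cross-check bct())."""
    return S_TABLE[p ^ keys[0]] ^ keys[1]


def decrypt_one_layer(c, keys=KEYS):
    return S_INV_TABLE[c ^ keys[1]] ^ keys[0]


def ddt(box):
    """Difference distribution table: ddt[a][b] = #{x : S(x) ^ S(x ^ a) == b}."""
    t = [[0] * 16 for _ in range(16)]
    for a in range(16):
        for x in range(16):
            t[a][box[x] ^ box[x ^ a]] += 1
    return t


def bct(box, box_inv):
    """Boomerang connectivity table:
    bct[a][d] = #{x : S^-1(S(x) ^ d) ^ S^-1(S(x ^ a) ^ d) == a}."""
    t = [[0] * 16 for _ in range(16)]
    for a in range(16):
        for d in range(16):
            t[a][d] = sum(box_inv[box[x] ^ d] ^ box_inv[box[x ^ a] ^ d] == a
                          for x in range(16))
    return t


def boomerang_count(enc, dec, alpha, delta):
    """Count plaintexts P whose boomerang quartet returns:
    P' = P ^ alpha; C = E(P), C' = E(P'); D = C ^ delta, D' = C' ^ delta;
    Q = E^-1(D), Q' = E^-1(D'); a hit is Q ^ Q' == alpha.
    For a random 16-bit permutation the return probability is 2^-16,
    i.e. about one hit in the whole sweep."""
    hits = 0
    for p in range(N):
        c, c2 = enc(p), enc(p ^ alpha)
        if dec(c ^ delta) ^ dec(c2 ^ delta) == alpha:
            hits += 1
    return hits


if __name__ == "__main__":
    # Constructed choice: alpha activates only nibble 0 of the first S-box layer,
    # delta activates only nibble 3 of the last one.
    hits = boomerang_count(encrypt, decrypt, 0x0001, 0x2000)
    print(f"returning quartets: {hits} of {N} (random permutation: about 1)")
```

Two of the helpers are the tables an analyst reaches for before running the sweep: the DDT feeds the classical p^2 q^2 estimate for a boomerang through two short characteristics, and the BCT gives the exact return count when the middle of the cipher is a single S-box layer (for `encrypt_one_layer` with both differences confined to nibble 0, the quartet count is exactly `bct[a][d] * 16**3`, which is a handy consistency check on any such counter). On the full two-round toy the count for the chosen (alpha, delta) is thousands of returns against an expectation of roughly one for a random permutation, which is precisely what makes a boomerang quartet a distinguisher.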

[1] Wang X Y, Lai X J, Feng D G, Chen H, Yu X Y. Cryptanalysis of the hash functions MD4 and RIPEMD. In Proc. the 24th EUROCRYPT 2005, May 2005, pp.1-18.
[2] Wang X Y, Yin Y L, Yu H B. Finding collisions in the full SHA-1. In Proc. the 25th CRYPTO 2005, August 2005, pp.17-36.
[3] Wang X Y, Yu H B. How to break MD5 and other hash functions. In Proc. the 24th EUROCRYPT 2005, May 2005, pp.19-35.
[4] Wang X Y, Yu H B, Yin Y L. Efficient collision search attacks on SHA-0. In Proc. the 25th CRYPTO 2005, August 2005, pp.1-16.
[5] Billet O, Robshaw M J B, Seurin Y, Yin Y L. Looking back at a new hash function. In Proc. the 13th ACISP 2008, July 2008, pp.239-253.
[6] National Institute of Standards and Technology (NIST). Advanced encryption standard (AES). http://csrc.nist.gov/publications/fips197/fips-197.pdf.
[7] Rivest R L, Robshaw M J B, Sidney R, Yin Y L. The RC6TM block cipher (V1.1), August 20, 1998, www.people.csail.mit.edu/rivest/pubs/RRSY98.pdf.
[8] Wagner D. The boomerang attack. In Proc. the 6th FSE, March 1999, pp.156-170.
[9] Biryukov A, Nikolic I, Roy A. Boomerang attacks on BLAKE-32. In Proc. the 18th FSE, February 2011, pp.218-237.
[10] Lamberger M, Mendel F. Higher-order differential attack on reduced SHA-256. Cryptology ePrint Archive, Report 2011/037, 2011, http://eprint.iacr.org/2011/037.

ISSN 1000-9000 (Print), CN 11-2296/TP

Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences
P.O. Box 2704, Beijing 100190 P.R. China
E-mail: jcst@ict.ac.cn