Meet-in-the-middle attacks revisited: key-recovery, collision, and preimage attacks
At EUROCRYPT 2021, Bao et al. proposed an automatic method for systematically exploring
the configuration space of meet-in-the-middle (MITM) preimage attacks. We further extend it …
the configuration space of meet-in-the-middle (MITM) preimage attacks. We further extend it …
Simplified MITM modeling for permutations: New (quantum) attacks
A Schrottenloher, M Stevens - Annual International Cryptology Conference, 2022 - Springer
Abstract Meet-in-the-middle (MITM) is a general paradigm where internal states are
computed along two independent paths ('forwards' and 'backwards') that are then matched …
computed along two independent paths ('forwards' and 'backwards') that are then matched …
Meet-in-the-middle preimage attacks on sponge-based hashing
L Qin, J Hua, X Dong, H Yan, X Wang - … on the Theory and Applications of …, 2023 - Springer
Abstract The Meet-in-the-Middle (MitM) attack has been widely applied to preimage attacks
on Merkle-Damgård (MD) hashing. In this paper, we introduce a generic framework of the …
on Merkle-Damgård (MD) hashing. In this paper, we introduce a generic framework of the …
Superposition meet-in-the-middle attacks: updates on fundamental security of AES-like hashing
Abstract The Meet-in-the-Middle approach is one of the most powerful cryptanalysis
techniques, demonstrated by its applications in preimage attacks on the full MD4, MD5 …
techniques, demonstrated by its applications in preimage attacks on the full MD4, MD5 …
Automatic Search of Meet-in-the-Middle Differential Fault Analysis on AES-like Ciphers
Q Yu, X Dong, L Qin, Y Kang, K Jia, X Wang… - IACR Transactions on …, 2023 - tches.iacr.org
Fault analysis is a powerful technique to retrieve secret keys by exploiting side-channel
information. Differential fault analysis (DFA) is one of the most powerful threats utilizing …
information. Differential fault analysis (DFA) is one of the most powerful threats utilizing …
Triangulating rebound attack on AES-like hashing
The rebound attack was introduced by Mendel et al. at FSE 2009 to fulfill a heavy middle
round of a differential path for free, utilizing the degree of freedom from states. The inbound …
round of a differential path for free, utilizing the degree of freedom from states. The inbound …
Automatic preimage attack framework on ascon using a linearize-and-guess approach
H Li, L He, S Chen, J Guo, W Qiu - IACR Transactions on Symmetric …, 2023 - dr.ntu.edu.sg
Ascon is the final winner of the lightweight cryptography standardization competition (2018−
2023). In this paper, we focus on preimage attacks against round-reduced Ascon. The …
2023). In this paper, we focus on preimage attacks against round-reduced Ascon. The …
Simplified modeling of MITM attacks for block ciphers: New (quantum) attacks
A Schrottenloher, M Stevens - IACR Transactions on Symmetric …, 2023 - inria.hal.science
The meet-in-the-middle (MITM) technique has led to many key-recovery attacks on block
ciphers and preimage attacks on hash functions. Nowadays, cryptographers use automatic …
ciphers and preimage attacks on hash functions. Nowadays, cryptographers use automatic …
Areion: highly-efficient permutations and its applications to hash functions for short input
In the real-world applications, the overwhelming majority of cases require hashing with
relatively short input, say up to 2K bytes. The length of almost all TCP/IP packets is between …
relatively short input, say up to 2K bytes. The length of almost all TCP/IP packets is between …
Improved MITM cryptanalysis on Streebog
At ASIACRYPT 2012, Sasaki et al. introduced the guess-and-determine approach to extend
the meet-in-the-middle (MITM) preimage attack. At CRYPTO 2021, Dong et al. proposed a …
the meet-in-the-middle (MITM) preimage attack. At CRYPTO 2021, Dong et al. proposed a …