Home Cryptanalysis of a hash function, and the modular subset sum problem
Article
Licensed
Unlicensed Requires Authentication

Cryptanalysis of a hash function, and the modular subset sum problem

  • Chris Monico EMAIL logo
Published/Copyright: April 17, 2019
Become an author with De Gruyter Brill
Author Information Explore this Subject
Groups Complexity Cryptology
From the journal Groups Complexity Cryptology Volume 11 Issue 1

Abstract

Recently, Shpilrain and Sosnovski proposed a hash function based on composition of affine maps. In this paper, we show that this hash function with its proposed parameters is not weak collision resistant, for plaintexts of size at least 1.9MB (about 224 bits). Our approach is to reduce the preimage problem to a (very) high density instance of the Random Modular Subset Sum Problem, for which we give an algorithm capable of solving instances of the resulting size. Specifically, given plaintexts of about 1.9MB, we were able to produce other plaintexts of the same size with the same hash value in about 13 hours each, on average.

Keywords: Subset-sum problem; Cayley hash function; cryptanalysis
MSC 2010: 94A60; 68R05

Acknowledgements

We are grateful to the anonymous referees for their careful reading and feedback on the first draft of this paper.

References

[1] M. Grassl, I. Ilić, S. Magliveras and R. Steinwandt, Cryptanalysis of the Tillich–Zémor hash function, J. Cryptology 24 (2011), no. 1, 148–156. 10.1007/s00145-010-9063-0Search in Google Scholar

[2] V. Lyubashevsky, On random high density subset sums, Electronic Colloquium on Computational Complexity Report no. 7, 2005. Search in Google Scholar

[3] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press Ser. Discrete Math. Appl., CRC Press, Boca Raton, 1997. Search in Google Scholar

[4] V. Shpilrain and B. Sosnovski, Compositions of linear functions and applications to hashing, Groups Complex. Cryptol. 8 (2016), no. 2, 155–161. 10.1515/gcc-2016-0016Search in Google Scholar

[5] J.-P. Tillich and G. Zémor, Hashing with SL2, Advances in Cryptology—CRYPTO ’94 (Santa Barbara 1994), Lecture Notes in Comput. Sci. 839, Springer, Berlin (1994), 40–49. 10.1007/3-540-48658-5_5Search in Google Scholar

[6] National Institute of Standards and Technology, FIPS PUB 180-4: Secure Hash Standard (SHS), August 2015; http://dx.doi.org/10.6028/NIST.FIPS.180-4. 10.6028/NIST.FIPS.180-4Search in Google Scholar

Received: 2018-01-17
Published Online: 2019-04-17
Published in Print: 2019-05-01

© 2019 Walter de Gruyter GmbH, Berlin/Boston

Articles in the same Issue

  1. Frontmatter
  2. Closure properties in the class of multiple context-free groups
  3. Cryptanalysis of a hash function, and the modular subset sum problem
  4. Some applications of arithmetic groups in cryptography
  5. An improved version of the AAG cryptographic protocol
  6. Conjugacy search problem and the Andrews–Curtis conjecture
https://doi.org/10.1515/gcc-2019-2001
Keywords for this article
Subset-sum problem; Cayley hash function; cryptanalysis

Articles in the same Issue

  1. Frontmatter
  2. Closure properties in the class of multiple context-free groups
  3. Cryptanalysis of a hash function, and the modular subset sum problem
  4. Some applications of arithmetic groups in cryptography
  5. An improved version of the AAG cryptographic protocol
  6. Conjugacy search problem and the Andrews–Curtis conjecture
Sign up now to receive a 20% welcome discount
Institutional Access
How does access work?
Have an idea on how to improve our website?
Please write us.
© 2025 De Gruyter Brill
Downloaded on 24.9.2025 from https://www.degruyterbrill.com/document/doi/10.1515/gcc-2019-2001/html
Scroll to top button