Practical Attacks on the Maelstrom-0 Compression Function

Stefan Kölbl, Florian Mendel
June 2011
PDF Slides

Abstract

In this paper we present attacks on the compression function of Maelstrom-0. It is based on the Whirlpool hash function standardized by ISO and was designed to be a faster and more robust enhancement. We analyze the compression function and use differential cryptanalysis to construct collisions for reduced variants of the Maelstrom-0 compression function. The attacks presented in this paper are of practical complexity and show significant weaknesses in the construction compared to its predecessor. The methods used are based on recent results in the analysis of AES-based hash functions.

Type
Conference paper
Publication
In Applied Cryptography and Network Security 2011
hash functions cryptanalysis collisions near-collisions
Avatar
Stefan Kölbl
Information Security Engineer

Security engineer with extensive background in cryptography.