Krystian Matusiewicz
Macquarie University
Title: Cryptanalysis of FORK-256
In this talk we present a cryptanalysis of a recently proposed
dedicated hash function FORK-256.
After a brief description of the function we analyse the step
transformation and exhibit some pathological differentials that
we use in our attack.
We present a simple application of those differentials
in a differential path that yields near pseudo-collisions.
Next, we discuss a general way of finding high-level differential
paths in FORK-256 and show a few particularly interesting ones.
We present how to use one of those paths with differences in
only one message block to find collisions for the compression
function with complexity not exceeding 2^126.6, better than
by generic birthday paradox and using only small amount of memory.
We show that in practice we can use this method to easily find
near-collisions with output differences of weights less than 30.
Finally, we discuss some theoretical improvements that reduce
this complexity by using precomputed tables of size around 2^64.
We also show how to extend the attack to the full function
(with the predefined IV).
Note. The full paper may be accessed at:
http://www.ics.mq.edu.au/~kmatus/FORK/CryptanalysisOfFORK-256.pdf