[Cryptography] Potential Vulnerabilities in SM3 Hash (and Related Algorithms)?

Danny Mitchell fishcustard at gmail.com
Tue Oct 31 07:06:38 EDT 2017


On 30/10/2017, R0b0t1 <r030t1 at gmail.com> wrote:
> A patch to gcrypt was proposed on the mailing list to add SM3, a hash
> function sponsored by a Chinese government body. The function contains
> unjustified changes and picked constants.
>
> Is it possible the hash function is insecure? I am of the opinion that
> it is, but despite my concerns the patch was merged with gcrypt.
>
> Respectfully,
>      R0b0t1
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

There have been several cryptanalyses of round-reduced SM3, notably
using boomerang analysis. See

Kircanski, A., and Youssef, A., "Boomerang and Slide-Rotational
Analysis of the SM3 Hash Function" (2012),
https://link.springer.com/chapter/10.1007/978-3-642-35999-6_20, pdf
available at https://eprint.iacr.org/2012/274.pdf

Bai, D., Yu, H., Wang, G., and Wang, X., "Improved Boomerang Attacks
on Round-Reduced SM3 and Keyed Permutation of BLAKE-256" (2013),
https://link.springer.com/chapter/10.1007/978-3-642-39059-3_17, pdf
available at https://eprint.iacr.org/2013/852.pdf

Mendel, F., Nad, T., and Schläffer, M., "Finding Collisions for
Round-Reduced SM3" (2013),
https://www.researchgate.net/publication/235223637_Finding_Collisions_for_Round-Reduced_SM3,
pdf available from
https://www.tnad.at/wp-content/uploads/2016/04/finding-collisions-for-round-reduced-sm3.pdf

and

Shen, Y., Bai, D., and Yu, H., "Improved Cryptanalysis of Step-Reduced
SM3" (to be published 2018),
https://www.researchgate.net/publication/319467688_Improved_cryptanalysis_of_step-reduced_SM3
