On the security of tiger hash function

Özen, Onur
Recent years have witnessed several real threats to the most widely used hash functions which are generally inspired from MD4, such as MD5, RIPEMD, SHA0 and SHA1. These extraordinary developments in cryptanalysis of hash functions brought the attention of the cryptology researchers to the alternative designs. Tiger is an important type of alternative hash functions and is proved to be secure so far as there is no known collision attack on the full (24 rounds) Tiger. It is designed by Biham and Anderson in 1995 to be very fast on modern computers. In two years some weaknesses have been found for Tiger-hash function. First, in FSE 006 Kelsey and Lucks found a collision for 16-17 rounds of Tiger and a pseudo-near-collision for 20 rounds. Then, Mendel et al extended this attack to find 19-round collision and 22-round pseudo-near-collision. Finally in 2007, Mendel and Rijmen found a pseudo-near-collision for the full Tiger. In this work, we modify the attack of Kelsey and Lucks slightly and present the exact values of the differences used in the attack. Moreover, there have been several cryptanalysis papers investigating the randomness properties of the designed hash functions under the encryption modes. In these papers, related-key boomerang and related-key rectangle attacks are performed on MD4,MD5, HAVAL and SHA. In this thesis, we introduce our 17,19 and 21-round related-key boomerang and rectangle distinguishers to the encryption mode of Tiger.
Citation Formats
O. Özen, “On the security of tiger hash function,” M.S. - Master of Science, Middle East Technical University, 2008.