{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T11:44:54Z","timestamp":1777376694285,"version":"3.51.4"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319224244","type":"print"},{"value":"9783319224251","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-22425-1_6","type":"book-chapter","created":{"date-parts":[[2015,8,19]],"date-time":"2015-08-19T14:42:31Z","timestamp":1439995351000},"page":"79-96","source":"Crossref","is-referenced-by-count":7,"title":["Improved (Pseudo) Preimage Attacks on Reduced-Round GOST and Gr\u00f8stl-256 and Studies on Several Truncation Patterns for AES-like Compression Functions"],"prefix":"10.1007","author":[{"given":"Bingke","family":"Ma","sequence":"first","affiliation":[]},{"given":"Bao","family":"Li","sequence":"additional","affiliation":[]},{"given":"Ronglin","family":"Hao","sequence":"additional","affiliation":[]},{"given":"Xiaoqian","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,8,20]]},"reference":[{"key":"6_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"175","DOI":"10.1007\/978-3-319-12160-4_11","volume-title":"Information Security and Cryptology \u2013 ICISC 2013","author":"R AlTawy","year":"2014","unstructured":"AlTawy, R., Kircanski, A., Youssef, A.M.: Rebound attacks on stribog. In: Lee, H.-S., Han, D.-G. (eds.) ICISC 2013. LNCS, vol. 8565, pp. 175\u2013188. 
Springer, Heidelberg (2014)"},{"key":"6_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"109","DOI":"10.1007\/978-3-319-06734-6_7","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2014","author":"R AlTawy","year":"2014","unstructured":"AlTawy, R., Youssef, A.M.: Preimage attacks on reduced-round stribog. In: Pointcheval, D., Vergnaud, D. (eds.) AFRICACRYPT. LNCS, vol. 8469, pp. 109\u2013125. Springer, Heidelberg (2014)"},{"key":"6_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"578","DOI":"10.1007\/978-3-642-10366-7_34","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"K Aoki","year":"2009","unstructured":"Aoki, K., Guo, J., Matusiewicz, K., Sasaki, Y., Wang, L.: Preimages for step-reduced SHA-2. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 578\u2013597. Springer, Heidelberg (2009)"},{"key":"6_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1007\/978-3-642-04159-4_7","volume-title":"Selected Areas in Cryptography","author":"K Aoki","year":"2009","unstructured":"Aoki, K., Sasaki, Y.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 103\u2013119. Springer, Heidelberg (2009)"},{"key":"6_CR5","unstructured":"Aumasson, J.P., Henzen, L., Meier, W., Phan, R.C.W.: SHA-3 proposal BLAKE. Submission to NIST (Round 3) (2010). \n                      http:\/\/131002.net\/blake\/"},{"key":"6_CR6","unstructured":"Barreto, P., Rijmen, V.: The whirlpool hashing function. Submitted to NESSIE, September 2000. \n                      http:\/\/www.larc.usp.br\/ pbarreto\/WhirlpoolPage.html"},{"key":"6_CR7","unstructured":"Benadjila, R., Billet, O., Gilbert, H., Macario-Rat, G., Peyrin, T., Robshaw, M., Seurin, Y.: SHA-3 proposal: ECHO. Submission to NIST (updated) (2009). 
\n                      http:\/\/crypto.rd.francetelecom.com\/ECHO\/"},{"key":"6_CR8","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: The keccak reference. Submission to NIST (Round 3) (2011). \n                      http:\/\/keccak.noekeon.org\/Keccak-reference-3.0.pdf"},{"key":"6_CR9","unstructured":"Biham, E., Dunkelman, O.: A framework for iterative hash functions - HAIFA. Cryptology ePrint Archive, Report 2007\/278 (2007). \n                      http:\/\/eprint.iacr.org\/2007\/278"},{"key":"6_CR10","unstructured":"Biham, E., Dunkelman, O.: The SHAvite-3 hash function. Submission to NIST (Round 2) (2009), \n                      http:\/\/www.cs.technion.ac.il\/orrd\/SHAvite-3\/"},{"key":"6_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"429","DOI":"10.1007\/978-3-540-71039-4_27","volume-title":"Fast Software Encryption","author":"D Chang","year":"2008","unstructured":"Chang, D., Nandi, M.: Improved indifferentiability security analysis of chopMD hash function. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 429\u2013443. Springer, Heidelberg (2008)"},{"key":"6_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"430","DOI":"10.1007\/11535218_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"J-S Coron","year":"2005","unstructured":"Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damg\u00e5rd revisited: how to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430\u2013448. Springer, Heidelberg (2005)"},{"key":"6_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"222","DOI":"10.1007\/3-540-45325-3_20","volume-title":"Cryptography and Coding","author":"J Daemen","year":"2001","unstructured":"Daemen, J., Rijmen, V.: The wide trail design strategy. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 222\u2013238. 
Springer, Heidelberg (2001)"},{"key":"6_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"IB Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416\u2013427. Springer, Heidelberg (1990)"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Dolmatov, V., Degtyarev, A.: GOST R 34.11-2012: hash function (2013)","DOI":"10.17487\/rfc6986"},{"key":"6_CR16","unstructured":"Dolmatov, V., Degtyarev, A.: Request for comments 6986: GOST R 34.11-2012: hash function. Internet Engineering Task Force (IETF) (2013). \n                      http:\/\/www.ietf.org\/rfc\/rfc6986.txt"},{"key":"6_CR17","unstructured":"Information protection and special communications of the federal security service of the Russian federation: GOST R 34.11-94, information technology cryptographic data security hashing function (1994). (In Russian)"},{"key":"6_CR18","unstructured":"Information protection and special communications of the federal security service of the Russian federation: GOST R 34.11-2012, information technology cryptographic data security hashing function (2012). \n                      http:\/\/www.tc26.ru\/en\/GOSTR3411-2012\/GOST_R_34_11-2012_eng.pdf"},{"key":"6_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1007\/978-3-540-79263-5_3","volume-title":"Topics in Cryptology \u2013 CT-RSA 2008","author":"P Gauravaram","year":"2008","unstructured":"Gauravaram, P., Kelsey, J.: Linear-XOR and additive checksums don\u2019t protect Damg\u00e5rd-Merkle hashes from generic attacks. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 36\u201351. 
Springer, Heidelberg (2008)"},{"key":"6_CR20","unstructured":"Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: Gr\u00f8stl-a SHA-3 candidate. Submission to NIST (Round 3) (2011). \n                      http:\/\/www.groestl.info\/Groestl.pdf"},{"key":"6_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"365","DOI":"10.1007\/978-3-642-13858-4_21","volume-title":"Fast Software Encryption","author":"H Gilbert","year":"2010","unstructured":"Gilbert, H., Peyrin, T.: Super-Sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365\u2013383. Springer, Heidelberg (2010)"},{"key":"6_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"195","DOI":"10.1007\/978-3-319-13051-4_12","volume-title":"Selected Areas in Cryptography \u2013 SAC 2014","author":"J Guo","year":"2014","unstructured":"Guo, J., Jean, J., Leurent, G., Peyrin, T., Wang, L.: The usage of counter revisited: second-preimage attack on new Russian standardized hash function. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 195\u2013211. Springer, Heidelberg (2014)"},{"key":"6_CR23","unstructured":"International Organization for Standardization: ISO\/IEC 10118\u20133:2004: information technology - security techniques - hash-functions - part 3: dedicated hash-functions (2004)"},{"key":"6_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"504","DOI":"10.1007\/978-3-642-42045-0_26","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"M Iwamoto","year":"2013","unstructured":"Iwamoto, M., Peyrin, T., Sasaki, Y.: Limited-birthday distinguishers for hash functions. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 504\u2013523. 
Springer, Heidelberg (2013)"},{"key":"6_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"306","DOI":"10.1007\/978-3-540-28628-8_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"A Joux","year":"2004","unstructured":"Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306\u2013316. Springer, Heidelberg (2004)"},{"key":"6_CR26","unstructured":"Kazymyrov, O., Kazymyrova, V.: Algebraic aspects of the Russian hash standard GOST R 34.11-2012. Cryptology ePrint Archive, Report 2013\/556 (2013). \n                      http:\/\/eprint.iacr.org\/2013\/556"},{"key":"6_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1007\/11761679_12","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"J Kelsey","year":"2006","unstructured":"Kelsey, J., Kohno, T.: Herding hash functions and the nostradamus attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 183\u2013200. Springer, Heidelberg (2006)"},{"key":"6_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"474","DOI":"10.1007\/11426639_28","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"J Kelsey","year":"2005","unstructured":"Kelsey, J., Schneier, B.: Second preimages on n-bit hash functions for much less than $2^{n}$ work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474\u2013490. 
Springer, Heidelberg (2005)"},{"key":"6_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"228","DOI":"10.1007\/978-3-642-03317-9_14","volume-title":"Fast Software Encryption","author":"D Khovratovich","year":"2009","unstructured":"Khovratovich, D., Nikoli\u0107, I., Weinmann, R.-P.: Meet-in-the-middle attacks on SHA-3 candidates. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 228\u2013245. Springer, Heidelberg (2009)"},{"key":"6_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"244","DOI":"10.1007\/978-3-642-34047-5_15","volume-title":"Fast Software Encryption","author":"D Khovratovich","year":"2012","unstructured":"Khovratovich, D., Rechberger, C., Savelieva, A.: Bicliques for preimages: attacks on Skein-512 and the SHA-2 family. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 244\u2013263. Springer, Heidelberg (2012)"},{"key":"6_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1007\/978-3-642-32009-5_22","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"S Knellwolf","year":"2012","unstructured":"Knellwolf, S., Khovratovich, D.: New preimage attacks against reduced SHA-1. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 367\u2013383. Springer, Heidelberg (2012)"},{"key":"6_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1007\/978-3-642-10366-7_8","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"M Lamberger","year":"2009","unstructured":"Lamberger, M., Mendel, F., Rechberger, C., Rijmen, V., Schl\u00e4ffer, M.: Rebound distinguishers: results on the full whirlpool compression function. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 126\u2013143. 
Springer, Heidelberg (2009)"},{"key":"6_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1007\/978-3-319-07536-5_18","volume-title":"Applied Cryptography and Network Security","author":"B Ma","year":"2014","unstructured":"Ma, B., Li, B., Hao, R., Li, X.: Improved cryptanalysis on reduced-round GOST and whirlpool hash function. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 289\u2013307. Springer, Heidelberg (2014)"},{"key":"6_CR34","doi-asserted-by":"crossref","unstructured":"Ma, B., Li, B., Hao, R., Li, X.: Improved (Pseudo) preimage attacks on reduced-round GOST and Gr\u00f8stl-256 and studies on several truncation patterns for AES-like compression functions (Full version). Cryptology ePrint Archive (2015)","DOI":"10.1007\/978-3-319-22425-1_6"},{"key":"6_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"224","DOI":"10.1007\/978-3-540-71039-4_14","volume-title":"Fast Software Encryption","author":"F Mendel","year":"2008","unstructured":"Mendel, F., Pramstaller, N., Rechberger, C.: A (Second) preimage attack on the GOST hash function. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 224\u2013234. Springer, Heidelberg (2008)"},{"key":"6_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"162","DOI":"10.1007\/978-3-540-85174-5_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"F Mendel","year":"2008","unstructured":"Mendel, F., Pramstaller, N., Rechberger, C., Kontak, M., Szmidt, J.: Cryptanalysis of the GOST hash function. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 162\u2013178. 
Springer, Heidelberg (2008)"},{"key":"6_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"260","DOI":"10.1007\/978-3-642-03317-9_16","volume-title":"Fast Software Encryption","author":"F Mendel","year":"2009","unstructured":"Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: The rebound attack: cryptanalysis of reduced whirlpool and Gr\u00f8stl. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260\u2013276. Springer, Heidelberg (2009)"},{"key":"6_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/0-387-34805-0_40","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"RC Merkle","year":"1990","unstructured":"Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428\u2013446. Springer, Heidelberg (1990)"},{"key":"6_CR39","unstructured":"National Institute of Standards and Technology (NIST): FIPS PUB 180\u20133: secure hash standard. Federal Information Processing Standards Publication 180\u20133, U.S. Department of Commerce, October 2008. \n                      http:\/\/csrc.nist.gov\/publications\/fips\/fips180-3\/fips180-3_final.pdf"},{"key":"6_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"378","DOI":"10.1007\/978-3-642-21702-9_22","volume-title":"Fast Software Encryption","author":"Y Sasaki","year":"2011","unstructured":"Sasaki, Y.: Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 378\u2013396. 
Springer, Heidelberg (2011)"},{"key":"6_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"134","DOI":"10.1007\/978-3-642-01001-9_8","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"Y Sasaki","year":"2009","unstructured":"Sasaki, Y., Aoki, K.: Finding preimages in full MD5 faster than exhaustive search. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 134\u2013152. Springer, Heidelberg (2009)"},{"key":"6_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"562","DOI":"10.1007\/978-3-642-34961-4_34","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"Y Sasaki","year":"2012","unstructured":"Sasaki, Y., Wang, L., Wu, S., Wu, W.: Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 562\u2013579. Springer, Heidelberg (2012)"},{"key":"6_CR43","unstructured":"Wang, Z., Yu, H., Wang, X.: Cryptanalysis of GOST R hash function. Cryptology ePrint Archive, Report 2013\/584 (2013). \n                      http:\/\/eprint.iacr.org\/2013\/584"},{"key":"6_CR44","doi-asserted-by":"crossref","unstructured":"Wu, S., Feng, D., Wu, W., Guo, J., Dong, L., Zou, J.: (Pseudo)Preimage attack on round-reduced Gr\u00f8stl hash function and others. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 127\u2013145. Springer, Heidelberg (2012)","DOI":"10.1007\/978-3-642-34047-5_8"},{"key":"6_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"309","DOI":"10.1007\/978-3-319-12087-4_20","volume-title":"Information Security and Cryptology","author":"J Zou","year":"2014","unstructured":"Zou, J., Wu, W., Wu, S.: Cryptanalysis of the round-reduced GOST hash function. In: Lin, D., Xu, S., Yung, M. (eds.) Inscrypt 2013. LNCS, vol. 8567, pp. 309\u2013322. 
Springer, Heidelberg (2014)"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-22425-1_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,30]],"date-time":"2019-05-30T17:48:00Z","timestamp":1559238480000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-22425-1_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319224244","9783319224251"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-22425-1_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}