标题：Improved cryptanalysis of step-reduced SM3
作者：Shen Yanzhao;Bai Dongxia;Yu Hongbo
作者机构：[Shen Yanzhao] Shandong University;;School of Mathematics, Shandong University, Key Laboratory of Cryptologic Technology and Information Security, Min 更多
通讯作者地址：[Yu, HB]Tsinghua Univ, Dept Comp Sci & Technol, Beijing 100084, Peoples R China;[Yu, HB]Sci & Technol Commun Secur Lab, Chengdu 610041, Sichuan, Peopl 更多
摘要：SM3 is the Chinese hash standard and is standardized in GB/T 32905-2016. As a hash function, it must fulfill three security requirements, collision resistance, preimage resistance, and second preimage resistance. During the ongoing evaluation, it is believed that whenever the hash function behaves differently from a random function, it is considered as the hash function\'s weakness. In recent years, the analysis has not only been limited to the classical security requirements, but also in the near-collision, boomerang distinguisher, and(semi-)free-start collision. Most of the previous preimage attacks on SM3 are either without padding or padding is not present from the first step. The best boomerang attack on SM3 covers 37 steps. In this article, we focus on the preimage attack from the first step, with message padding. A preimage attack on 30-step SM3 is proposed. Furthermore, we improve the 37-step boomerang attack and extend it to the 38-step boomerang attack. A summary of the previous results and along with our owns is given in Table 1.