Single block attacks and statistical tests on CubeHash

Abstract

This paper describes a second preimage attack on the CubeHash cryptographic one-way hash function. The attack finds a second preimage in less time than brute force search for these CubeHash variants: CubeHash $r$/$b$-224 for $b \u3e 100$; CubeHash$r$/$b$-256 for $b \u3e 96$; CubeHash$r$/$b$-384 for $b \u3e 80$; and CubeHash$r$/$b$-512 for $b \u3e 64$. However, the attack does not break the CubeHash variants recommended for SHA-3. The attack requires minimal memory and can be performed in a massively parallel fashion. This paper also describes several statistical randomness tests on CubeHash. The tests were unable to disprove the hypothesis that CubeHash behaves as a random mapping. These results support CubeHash\u27s viability as a secure cryptographic hash function