Universite Bordeaux 1
Collisions in the LPS cryptographic hash function have been found, but it was not clear whether computing preimages was also easy for this hash function. The authors present a probabilistic polynomial time algorithm solving this problem. Subsequently, they study the morgenstern hash, an interesting variant of LPS hash, and break this function as well. Their attacks build upon the ideas of zemor and tillich but are not straightforward extensions of it. Finally, they discuss fixes for the morgenstern hash function and other applications of their results.