Journal of Computer Applications (计算机应用), 2010, Vol. 30, Issue (8): 2154-2156.

• Information Security •

Free-starting preimage attacks on BLAKE-32

He Qiang (贺强)¹, Mao Ming (毛明)¹, Zeng Shaokun (曾绍昆)²

  1. Beijing Electronic Science and Technology Institute (北京电子科技学院)
  2.
  • Received: 2010-02-01 Revised: 2010-03-02 Online: 2010-07-30 Published: 2010-08-01
  • Corresponding author: He Qiang

Abstract: BLAKE, a second-round SHA-3 candidate algorithm, adopts a local wide-pipe technique and an improved MD iteration structure. Its core is the core of the ChaCha cipher algorithm, and its security has not yet been proved. By analyzing the structure of BLAKE and the characteristics of its message permutation, a free-starting preimage attack on 3 rounds is carried out for the first time, using the splice-and-subsection technique. The result shows that the design of the message permutation is flawed, and that this design flaw affects the security of the BLAKE algorithm.

Key words: message digest, security, splice-and-subsection, free-starting preimage attack