Adaptive Restart and CEGAR-based Solver for Inverting Cryptographic Hash Functions

TL;DR

This paper introduces MapleCrypt, a SAT solver-based cryptanalysis tool that employs adaptive restart policies and CEGAR techniques to efficiently invert hash functions like SHA-1, outperforming existing methods.

Contribution

The paper presents a novel SAT solver framework with adaptive restart and CEGAR techniques specifically designed for cryptographic hash inversion.

Findings

MapleCrypt outperforms state-of-the-art tools in SHA-1 inversion.

The adaptive restart policy improves solver efficiency.

CEGAR effectively refines abstractions to ensure correct hash preimages.

Abstract

SAT solvers are increasingly being used for cryptanalysis of hash functions and symmetric encryption schemes. Inspired by this trend, we present MapleCrypt which is a SAT solver-based cryptanalysis tool for inverting hash functions. We reduce the hash function inversion problem for fixed targets into the satisfiability problem for Boolean logic, and use MapleCrypt to construct preimages for these targets. MapleCrypt has two key features, namely, a multi-armed bandit based adaptive restart (MABR) policy and a counterexample-guided abstraction refinement (CEGAR) technique. The MABR technique uses reinforcement learning to adaptively choose between different restart policies during the run of the solver. The CEGAR technique abstracts away certain steps of the input hash function, replacing them with the identity function, and verifies whether the solution constructed by MapleCrypt indeed hashes to the previously fixed targets. If it is determined that the solution produced is spurious, the abstraction is refined until a correct inversion to the input hash target is produced. We show that the resultant system is faster for inverting the SHA-1 hash function than state-of-the-art inversion tools.