Hamsi

From The ECRYPT Hash Function Website

Jump to: navigation, search

1 The algorithm

Author(s): Özgül Kücük
Website: http://homes.esat.kuleuven.be/~okucuk/hamsi/
NIST submission package:
- round 1/2: Hamsi_Round2.zip (old versions: Hamsi.zip, HamsiUpdate.zip)

Özgül Küçük - The Hash Function Hamsi

Submission to NIST (updated), 2009

[Electronic Edition] [Bibtex]

Author : Özgül Küçük
Title : The Hash Function Hamsi
In : Submission to NIST (updated) -

Özgül Küçük - The Hash Function Hamsi

Submission to NIST, 2008

[Electronic Edition] [Bibtex]

Author : Özgül Küçük
Title : The Hash Function Hamsi
In : Submission to NIST -

2 Cryptanalysis

We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.

A description of the tables is given here.

Recommended security parameters: (3,6) P,P_f rounds (n=224,256); (6,12) P,P_f rounds (n=384,512).

2.1 Hash function

Here we list results on the actual hash function. The only allowed modification is to change the security parameter.

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
2nd-preimage	hash function	256	(3,6)	2²⁴⁷	?	Dinur,Shamir
2nd-preimage	hash function	256	(3,6)	2^251.3	?	Fuhr

2.2 Building blocks

Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.

Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
distinguisher	output transformation	256	6 rounds	2¹⁰	-	Boura,Canteaut
semi-free-start near-collisions	compression function	256	2 rounds	example	-	Turan,Uyan
observations	hash function	all				Gligoroski
distinguisher	output transformation	224, 256	6 rounds	2^124.3		Aumasson et al.
distinguisher	permutation	224, 256	6 rounds	2²⁸		Aumasson et al.
free-start near-collision	compression function	224, 256	3 rounds	2²⁶		Aumasson et al.
non-randomness	compression function	224, 256	5 rounds			Aumasson
free-start near-collision	compression function	224, 256	3 rounds	2²¹		Nikolic
distinguisher	compression function	224, 256	6 rounds	2²⁷		Aumasson,Meier
distinguisher	compression function	384, 512	12 rounds	2⁷²⁹		Aumasson,Meier
free-start near-collision	compression function	224, 256	3 rounds	2⁵		Wang,Wang,Jia,Wang
free-start near-collision	compression function	224, 256	4 rounds	2³²		Wang,Wang,Jia,Wang
free-start near-collision	compression function	224, 256	5 rounds	2¹²⁵		Wang,Wang,Jia,Wang
message-recovery	compression function	224, 256	3 rounds	2^10.48		Calik,Turan
pseudo-2nd-preimage	hash function	256	(3,6) rounds	2^254.25		Calik,Turan

Itai Dinur, Adi Shamir - An Improved Algebraic Attack on Hamsi-256

Cryptology ePrint Archive, Report 2010/602, 2010

[Electronic Edition] [Bibtex]

Author : Itai Dinur, Adi Shamir
Title : An Improved Algebraic Attack on Hamsi-256
In : Cryptology ePrint Archive, Report 2010/602 -

[Abstract]

Christina Boura, Anne Canteau - Zero-Sum Distinguishers for Iterated Permutations and Application to Keccak-f and Hamsi-256

In Proceedings of SAC, LNCS, pp. , Springer, 2010

[Electronic Edition] [Bibtex]

Author : Christina Boura, Anne Canteau
Title : Zero-Sum Distinguishers for Iterated Permutations and Application to Keccak-f and Hamsi-256
In : In Proceedings of SAC -

[Abstract]

Meltem Sönmez Turan, Erdener Uyan - Practical Near-Collisions for Reduced Round Blake, Fugue, Hamsi and JH

Second SHA-3 Candidate Conference, 2010

[Electronic Edition] [Bibtex]

Author : Meltem Sönmez Turan, Erdener Uyan
Title : Practical Near-Collisions for Reduced Round Blake, Fugue, Hamsi and JH
In : Second SHA-3 Candidate Conference -

[Abstract]

Thomas Fuhr - Finding Second Preimages of Short Messages for Hamsi-256

In Advances in Cryptology - ASIACRYPT 2010, Proceedings, 2010

[Electronic Edition] [Bibtex]

Author : Thomas Fuhr
Title : Finding Second Preimages of Short Messages for Hamsi-256
In : In Advances in Cryptology - ASIACRYPT 2010, Proceedings -

Danilo Gligoroski - Narrow-pipe SHA-3 candidates differ significantly from ideal random functions defined over big domains

NIST mailing list, 2010

[Electronic Edition] [Bibtex]

Author : Danilo Gligoroski
Title : Narrow-pipe SHA-3 candidates differ significantly from ideal random functions defined over big domains
In : NIST mailing list -

Jean-Philippe Aumasson, Emilia Käsper, Lars Ramkilde Knudsen, Krystian Matusiewicz, Rune Ødegaard, Thomas Peyrin, Martin Schläffer - Distinguishers for the compression function and output transformation of Hamsi-256

In Proceedings of ACISP, LNCS 6168, pp. 87-103, Springer, 2010

[Electronic Edition] [Bibtex]

Author : Jean-Philippe Aumasson, Emilia Käsper, Lars Ramkilde Knudsen, Krystian Matusiewicz, Rune Ødegaard, Thomas Peyrin, Martin Schläffer
Title : Distinguishers for the compression function and output transformation of Hamsi-256
In : In Proceedings of ACISP -

[Abstract]

Jean-Philippe Aumasson - On the pseudorandomness of Hamsi

NIST mailing list (local link), 2009

[Electronic Edition] [Bibtex]

Author : Jean-Philippe Aumasson
Title : On the pseudorandomness of Hamsi
In : NIST mailing list (local link) -

Ivica Nikolic - Near Collisions for the Compression Function of Hamsi-256

CRYPTO rump session, 2009

[Electronic Edition] [Bibtex]

Author : Ivica Nikolic
Title : Near Collisions for the Compression Function of Hamsi-256
In : CRYPTO rump session -