SIMD

From The ECRYPT Hash Function Website

Jump to: navigation, search

Contents

1 The algorithm


Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque - SIMD Is a Message Digest
Submission to NIST (Round 2), 2009
[Electronic Edition] [Bibtex]
Author : Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque
Title : SIMD Is a Message Digest
In : Submission to NIST (Round 2) -

Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque - SIMD Is a Message Digest
Submission to NIST (Round 1), 2008
[Electronic Edition] [Bibtex]
Author : Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque
Title : SIMD Is a Message Digest
In : Submission to NIST (Round 1) -


2 Cryptanalysis

We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.

A description of the tables is given here.

Recommended security parameter: total number of steps = 32

2.1 Hash function

Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.

Type of Analysis Hash Size (n) Parameters Compression Function Calls Memory Requirements Reference


2.2 Building blocks

Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.

Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
distinguisher(1) compression All Full 1 - Bouillaguet, Fouque,Leurent
free-start near-collision compression 256 20 steps 2107 - Yu, Wang
free-start near-collision compression 512 24 steps 2208 - Yu, Wang
distinguisher(1) compression 512 full 2398 - Yu, Wang
distinguisher(1) compression 512 12 steps 2236 - Nikolić,Pieprzyk,Sokołowski,Steinfeld
distinguisher(1) compression 512 linear message exp., 24 steps 2497 - Nikolić,Pieprzyk,Sokołowski,Steinfeld
distinguisher(1) compression 512 full (Round 1) 5*2425.28 - Mendel, Nad

(1)The SIMD team commented on distinguishers in this paper.

Charles Bouillaguet, Pierre-Alain Fouque, Gaëtan Leurent - Security Analysis of SIMD
Cryptology ePrint Archive, Report 2010/323, 2010
[Electronic Edition] [Bibtex]
Author : Charles Bouillaguet, Pierre-Alain Fouque, Gaëtan Leurent
Title : Security Analysis of SIMD
In : Cryptology ePrint Archive, Report 2010/323 -

Hongbo Yu, Xiaoyun Wang - Cryptanalysis of the Compression Function of SIMD
Cryptology ePrint Archive, Report 2010/304, 2010
[Electronic Edition] [Bibtex]
Author : Hongbo Yu, Xiaoyun Wang
Title : Cryptanalysis of the Compression Function of SIMD
In : Cryptology ePrint Archive, Report 2010/304 -
[Abstract]

Ivica Nikolić, Josef Pieprzyk, Przemysław Sokołowski, Ron Steinfeld - Rotational Cryptanalysis of (Modified) Versions of BMW and SIMD
Available online, 2010
[Electronic Edition] [Bibtex]
Author : Ivica Nikolić, Josef Pieprzyk, Przemysław Sokołowski, Ron Steinfeld
Title : Rotational Cryptanalysis of (Modified) Versions of BMW and SIMD
In : Available online -
[Abstract]

Florian Mendel, Tomislav Nad - A Distinguisher for the Compression Function of SIMD-512
In Proceedings of INDOCRYPT, LNCS 5922, pp. 219-232, Springer, 2009
[Electronic Edition] [Bibtex]
Author : Florian Mendel, Tomislav Nad
Title : A Distinguisher for the Compression Function of SIMD-512
In : In Proceedings of INDOCRYPT -
[Abstract]
Personal tools