Talk:Spectral Hash

From The ECRYPT Hash Function Website

Jump to: navigation, search

According to NIST's FR call (section 4.A), it seems that Brandon Enright's partial collisions do break Spectral Hash. The relevant text is this:

"NIST expects the SHA–3 algorithm of message digest size n to meet the following security requirements at a minimum. [...] any result that shows that the candidate algorithm does not meet these requirements will be considered to be a serious attack. [...] Any m-bit hash function specified by taking a fixed subset of the candidate function's output bits is expected to meet the above requirements with m replacing n."

Should Spectral Hash be labeled broken, then?


Personal tools