Difference between revisions of "Blue Midnight Wish"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) m |
m (A Note on Linear Approximations of BLUE MIDNIGHT WISH Cryptographic Hash Function) |
||
| Line 70: | Line 70: | ||
|- style="background:#efefef;" | |- style="background:#efefef;" | ||
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference | | Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference | ||
| − | |- | + | |- |
| − | | | + | | observation || hash || 256,512 || (Round 2) || - || - || [http://eprint.iacr.org/2009/453.pdf Klima,Susil] |
|- | |- | ||
| pseudo-collision || hash || all || (Round 1) || 2<sup>3n/8+1</sup>|| - || [http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-pseudo.pdf Thomsen] | | pseudo-collision || hash || all || (Round 1) || 2<sup>3n/8+1</sup>|| - || [http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-pseudo.pdf Thomsen] | ||
| Line 77: | Line 77: | ||
| pseudo-preimage || hash || all || (Round 1) || 2<sup>3n/4+1</sup> || - || [http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-pseudo.pdf Thomsen] | | pseudo-preimage || hash || all || (Round 1) || 2<sup>3n/4+1</sup> || - || [http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-pseudo.pdf Thomsen] | ||
|- | |- | ||
| + | | near-collision || compression || all || (Round 1) || example || - || [http://www2.mat.dtu.dk/people/S.Thomsen/bmw/nc-compress.pdf Thomsen] | ||
| + | |- | ||
|} | |} | ||
| − | |||
| − | |||
| − | |||
<bibtex> | <bibtex> | ||
| − | @misc{ | + | @misc{cryptoeprint:2009:453, |
| − | + | author = {Vlastimil Klima and Petr Susil}, | |
| − | + | title = {A Note on Linear Approximations of BLUE MIDNIGHT WISH Cryptographic Hash Function}, | |
| − | + | howpublished = {Cryptology ePrint Archive, Report 2009/453}, | |
| − | + | year = {2009}, | |
| − | + | url = {http://eprint.iacr.org/2009/453.pdf}, | |
| + | abstract = {Abstract. BLUE MIDNIGHT WISH hash function is the fastest among 14 algorithms in the second round of SHA-3 competition [1]. At the beginning of this round authors were invited to add some tweaks before September 15th 2009. In this paper we discuss the tweaked version (BMW). The BMW algorithm [3] is of the type AXR, since it uses only operations ADD (sub), XOR and ROT (shift). If we substitute the operation ADD with operation XOR, we get a BMWlin, which is an affine transformation. In this paper we consider only a BMWlin function and its building blocks. These affine transformations can be represented as a linear matrix and a constant vector. We found that all matrices of main blocks of BMWlin have a full rank, or they have a rank very close to full rank. The structure of matrices was examined. Matrices of elementary blocks have an expected non-random structure, while main blocks have a random structure. We will also show matrices for different values of security parameter ExpandRounds1 (values between 0 and 16). We observed that increasing the number of rounds ExpandRounds1 tends to increase randomness as was intended by designers. These observations hold for both BMW256lin and BMW512lin. In this analysis we did not find any useful property, which would help in cryptanalysis, nor did we find any weaknesses of BMW. The study of all building blocks will follow.} | ||
} | } | ||
</bibtex> | </bibtex> | ||
| Line 100: | Line 100: | ||
year = {2009}, | year = {2009}, | ||
abstract ={We describe pseudo-collision and pseudo-(second) preimage attacks on the SHA-3 candidate Blue Midnight Wish. The complexity of the pseudo-collision attack is around 2^{3n/8+1}, and the complexity of the pseudo-(second) preimage attack is around 2^{3n/4+1}.}, | abstract ={We describe pseudo-collision and pseudo-(second) preimage attacks on the SHA-3 candidate Blue Midnight Wish. The complexity of the pseudo-collision attack is around 2^{3n/8+1}, and the complexity of the pseudo-(second) preimage attack is around 2^{3n/4+1}.}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{Thomsen-bmw-nc-compress, | ||
| + | author = {Søren S. Thomsen}, | ||
| + | title = {A near-collision attack on the Blue Midnight Wish compression function}, | ||
| + | url = {http://www2.mat.dtu.dk/people/S.Thomsen/bmw/nc-compress.pdf}, | ||
| + | howpublished = {Version 2.0, available online}, | ||
| + | year = {2008}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
Revision as of 12:26, 15 February 2010
1 The algorithm
- Author(s): Danilo Gligoroski, Vlastimil Klima, Svein Johan Knapskog, Mohamed El-Hadedy, Jørn Amundsen, Stig Frode Mjølsnes
- Website: http://www.q2s.ntnu.no/sha3_nist_competition/start
- NIST submission package:
- round 1: Blue_Midnight_Wish.zip
- round 2: Blue_Midnight_Wish_Round2.zip
Danilo Gligoroski, Vlastimil Klima, Svein Johan Knapskog, Mohamed El-Hadedy, J\orn Amundsen, Stig Frode Mj\olsnes - Cryptographic Hash Function BLUE MIDNIGHT WISH
- ,2009
- http://people.item.ntnu.no/~danilog/Hash/BMW-SecondRound/Supporting_Documentation/BlueMidnightWishDocumentation.pdf
BibtexAuthor : Danilo Gligoroski, Vlastimil Klima, Svein Johan Knapskog, Mohamed El-Hadedy, J\orn Amundsen, Stig Frode Mj\olsnes
Title : Cryptographic Hash Function BLUE MIDNIGHT WISH
In : -
Address :
Date : 2009
Danilo Gligoroski, Vlastimil Klima - A Document describing all modifications made on the Blue Midnight Wish cryptographic hash function before entering the Second Round of SHA-3 hash competition
- ,2009
- http://people.item.ntnu.no/~danilog/Hash/BMW-SecondRound/Supporting_Documentation/Round2Mods.pdf
BibtexAuthor : Danilo Gligoroski, Vlastimil Klima
Title : A Document describing all modifications made on the Blue Midnight Wish cryptographic hash function before entering the Second Round of SHA-3 hash competition
In : -
Address :
Date : 2009
Danilo Gligoroski, Vlastimil Klima, Svein Johan Knapskog, Mohamed El-Hadedy, J\orn Amundsen, Stig Frode Mj\olsnes - Cryptographic Hash Function BLUE MIDNIGHT WISH
- ,2008
- http://people.item.ntnu.no/~danilog/Hash/BMW/Supporting_Documentation/BlueMidnightWishDocumentation.pdf
BibtexAuthor : Danilo Gligoroski, Vlastimil Klima, Svein Johan Knapskog, Mohamed El-Hadedy, J\orn Amundsen, Stig Frode Mj\olsnes
Title : Cryptographic Hash Function BLUE MIDNIGHT WISH
In : -
Address :
Date : 2008
2 Cryptanalysis
We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.
A description of the tables is given here.
2.1 Hash function
Here we list results on the actual hash function. The only allowed modification is to change the security parameter.
Recommended security parameter: Expandrounds1 = 2
| Type of Analysis | Hash Size (n) | Parameters | Compression Function Calls | Memory Requirements | Reference |
2.2 Building blocks
Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.
Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
| observation | hash | 256,512 | (Round 2) | - | - | Klima,Susil |
| pseudo-collision | hash | all | (Round 1) | 23n/8+1 | - | Thomsen |
| pseudo-preimage | hash | all | (Round 1) | 23n/4+1 | - | Thomsen |
| near-collision | compression | all | (Round 1) | example | - | Thomsen |
Vlastimil Klima, Petr Susil - A Note on Linear Approximations of BLUE MIDNIGHT WISH Cryptographic Hash Function
- ,2009
- http://eprint.iacr.org/2009/453.pdf
BibtexAuthor : Vlastimil Klima, Petr Susil
Title : A Note on Linear Approximations of BLUE MIDNIGHT WISH Cryptographic Hash Function
In : -
Address :
Date : 2009
Søren S. Thomsen - Pseudo-cryptanalysis of Blue Midnight Wish
- ,2009
- http://www.mat.dtu.dk/people/S.Thomsen/bmw/bmw-pseudo.pdf
BibtexAuthor : Søren S. Thomsen
Title : Pseudo-cryptanalysis of Blue Midnight Wish
In : -
Address :
Date : 2009
Søren S. Thomsen - A near-collision attack on the Blue Midnight Wish compression function
