Difference between revisions of "Dynamic SHA2"

From The ECRYPT Hash Function Website
m
m (Fixed eprint number)
 
(8 intermediate revisions by 3 users not shown)
Line 5: Line 5:
 
* Website:
 
* Website:
 
-->
 
-->
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/DyamicSHA_2.zip DyamicSHA2.zip]
+
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/DynamicSHA_2.zip DyamicSHA2.zip]
  
  
 
<bibtex>
 
<bibtex>
@misc{sha3,
+
@misc{sha3Xu08a,
 
   author    = {Zijie Xu},
 
   author    = {Zijie Xu},
 
   title    = {Dynamic SHA2},
 
   title    = {Dynamic SHA2},
   url        = {},
+
   url        = {http://ehash.iaik.tugraz.at/uploads/5/5b/DyamicSHA2.pdf},
 
   howpublished = {Submission to NIST},
 
   howpublished = {Submission to NIST},
 
   year      = {2008},
 
   year      = {2008},
 
}
 
}
 
</bibtex>
 
</bibtex>
 +
  
 
== Cryptanalysis ==
 
== Cryptanalysis ==
  
* None yet
+
{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"                 
 +
|- style="background:#efefef;"                 
 +
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference
 +
|-                   
 +
| length-extension || hash || all ||  || - || - || [http://ehash.iaik.tugraz.at/uploads/0/0e/Dynamic-sha2_length-extension.txt Klima]
 +
|-                   
 +
| near-collision || compression || 224/256 ||  || 2<sup>45</sup> || - || [http://eprint.iacr.org/2009/179.pdf Yu,Wang]
 +
|-
 +
| near-collision || compression || 384/512 ||  || 2<sup>75</sup> || - || [http://eprint.iacr.org/2009/179.pdf Yu,Wang]
 +
|-         
 +
| style="background:orange" | collision || hash || 224/256 ||  || 2<sup>51</sup> || - || [http://eprint.iacr.org/2009/184.pdf Aumasson,Dunkelman,Indesteege,Preneel]
 +
|-     
 +
| style="background:orange" | collision || hash || 384/512 ||  || 2<sup>85</sup> || - || [http://eprint.iacr.org/2009/184.pdf Aumasson,Dunkelman,Indesteege,Preneel]
 +
|- 
 +
|}                   
 +
 
 +
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
 +
 
 +
 
 +
<bibtex>
 +
@misc{DynamicSHA2K08,
 +
  author    = {Vlastimil Klima},
 +
  title    = {Dynamic SHA2 is vulnerable to generic attacks},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/0/0e/Dynamic-sha2_length-extension.txt},
 +
  howpublished = {OFFICIAL COMMENT (local link)},
 +
  year = {2008},
 +
}
 +
</bibtex>
 +
 
 +
<bibtex>
 +
@misc{DynamicSHA2YW09,
 +
    author = {Hongbo Yu and Xiaoyun Wang},
 +
    title = {Near-Collision Attack on the Compression Function of Dynamic SHA2},
 +
    howpublished = {Cryptology ePrint Archive, Report 2009/179},
 +
    year = {2009},
 +
    url = {http://eprint.iacr.org/2009/179.pdf},
 +
    note = {\url{http://eprint.iacr.org/}},
 +
    abstract = {In this paper, we present a near-collision attack on the compression functions of Dynamic SHA2 for all the output sizes. For the Dynamic SHA2-224/256, the complexity is about $2^{45}$ operations and for the Dynamic SHA2-384/512, the complexity is about $2^{75}$.},
 +
}
 +
</bibtex>
 +
 
 +
<bibtex>
 +
@misc{DynamicSHA2ADIP09,
 +
    author = {Jean-Philippe Aumasson and Orr Dunkelman and Sebastiaan Indesteege and Bart Preneel},
 +
    title = {Cryptanalysis of Dynamic SHA(2)},
 +
    howpublished = {Cryptology ePrint Archive, Report 2009/184},
 +
    year = {2009},
 +
    url = {http://eprint.iacr.org/2009/184.pdf},
 +
    note = {\url{http://eprint.iacr.org/}},
 +
    abstract = {In this paper, we analyze the hash functions Dynamic SHA
 +
and Dynamic SHA2, which have been selected as first round candidates
 +
in the NIST Hash Competition. These two hash functions rely heavily
 +
on data-dependent rotations, similar to the ones used in certain block ci-
 +
phers, e.g., RC5. Our analysis suggests that in the case of hash functions,
 +
where the attacker has more control over the rotations, this approach is
 +
less favorable, as we present practical, or close to practical, collision at-
 +
tacks on both Dynamic SHA and Dynamic SHA2. Moreover, we present
 +
a preimage attack on Dynamic SHA that is faster than exhaustive search.},
 +
}
 +
</bibtex>

Latest revision as of 11:49, 3 May 2009

1 The algorithm


Zijie Xu - Dynamic SHA2

,2008
http://ehash.iaik.tugraz.at/uploads/5/5b/DyamicSHA2.pdf
Bibtex
Author : Zijie Xu
Title : Dynamic SHA2
In : -
Address :
Date : 2008


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
length-extension hash all - - Klima
near-collision compression 224/256 245 - Yu,Wang
near-collision compression 384/512 275 - Yu,Wang
collision hash 224/256 251 - Aumasson,Dunkelman,Indesteege,Preneel
collision hash 384/512 285 - Aumasson,Dunkelman,Indesteege,Preneel

A description of this table is given here.


Vlastimil Klima - Dynamic SHA2 is vulnerable to generic attacks

,2008
http://ehash.iaik.tugraz.at/uploads/0/0e/Dynamic-sha2_length-extension.txt
Bibtex
Author : Vlastimil Klima
Title : Dynamic SHA2 is vulnerable to generic attacks
In : -
Address :
Date : 2008

Hongbo Yu, Xiaoyun Wang - Near-Collision Attack on the Compression Function of Dynamic SHA2

,2009
http://eprint.iacr.org/2009/179.pdf
Bibtex
Author : Hongbo Yu, Xiaoyun Wang
Title : Near-Collision Attack on the Compression Function of Dynamic SHA2
In : -
Address :
Date : 2009

Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan Indesteege, Bart Preneel - Cryptanalysis of Dynamic SHA(2)

,2009
http://eprint.iacr.org/2009/184.pdf
Bibtex
Author : Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan Indesteege, Bart Preneel
Title : Cryptanalysis of Dynamic SHA(2)
In : -
Address :
Date : 2009