Difference between revisions of "Dynamic SHA2"

Revision as of 16:00, 30 April 2009

1 The algorithm

Author(s): Zijie Xu
NIST submission package: DyamicSHA2.zip

Zijie Xu - Dynamic SHA2

,2008

http://ehash.iaik.tugraz.at/uploads/5/5b/DyamicSHA2.pdf
Bibtex

Author : Zijie Xu
Title : Dynamic SHA2
In : -
Address :
Date : 2008

2 Cryptanalysis

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
length-extension	hash	all		-	-	Klima
near-collision	compression	224/256		2⁴⁵	-	Yu,Wang
near-collision	compression	384/512		2⁷⁵	-	Yu,Wang
collision	hash	224/256		2⁵¹	-	Aumasson,Dunkelman,Indesteege,Preneel
collision	hash	384/512		2⁸⁵	-	Aumasson,Dunkelman,Indesteege,Preneel

A description of this table is given here.

Vlastimil Klima - Dynamic SHA2 is vulnerable to generic attacks

,2008

http://ehash.iaik.tugraz.at/uploads/0/0e/Dynamic-sha2_length-extension.txt
Bibtex

Author : Vlastimil Klima
Title : Dynamic SHA2 is vulnerable to generic attacks
In : -
Address :
Date : 2008

Hongbo Yu, Xiaoyun Wang - Near-Collision Attack on the Compression Function of Dynamic SHA2

,2009

http://eprint.iacr.org/2009/179.pdf
Bibtex

Author : Hongbo Yu, Xiaoyun Wang
Title : Near-Collision Attack on the Compression Function of Dynamic SHA2
In : -
Address :
Date : 2009

Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan Indesteege, Bart Preneel - Cryptanalysis of Dynamic SHA(2)

,2009

http://eprint.iacr.org/2009/217.pdf
Bibtex

Author : Jean-Philippe Aumasson, Orr Dunkelman, Sebastiaan Indesteege, Bart Preneel
Title : Cryptanalysis of Dynamic SHA(2)
In : -
Address :
Date : 2009

@@ Line 30: / Line 30: @@
 |-
 | near-collision || compression || 384/512 ||  || 2<sup>75</sup> || - || [http://eprint.iacr.org/2009/179.pdf Yu,Wang]
 |-
+| style="background:orange" | collision || hash || 224/256 ||  || 2<sup>51</sup> || - || [http://eprint.iacr.org/2009/217.pdf Aumasson,Dunkelman,Indesteege,Preneel]
+|-
+| style="background:orange" | collision || hash || 384/512 ||  || 2<sup>85</sup> || - || [http://eprint.iacr.org/2009/217.pdf Aumasson,Dunkelman,Indesteege,Preneel]
+|-
 |}
@@ Line 47: / Line 51: @@
 <bibtex>
-@misc{cryptoeprint:2009:179,
+@misc{DynamicSHA2YW09,
      author = {Hongbo Yu and Xiaoyun Wang},
      title = {Near-Collision Attack on the Compression Function of Dynamic SHA2},
@@ Line 55: / Line 59: @@
      note = {\url{http://eprint.iacr.org/}},
      abstract = {In this paper, we present a near-collision attack on the compression functions of Dynamic SHA2 for all the output sizes. For the Dynamic SHA2-224/256, the complexity is about $2^{45}$ operations and for the Dynamic SHA2-384/512, the complexity is about $2^{75}$.},
+}
+</bibtex>
+<bibtex>
+@misc{DynamicSHA2ADIP09,
+    author = {Jean-Philippe Aumasson and Orr Dunkelman and Sebastiaan Indesteege and Bart Preneel},
+    title = {Cryptanalysis of Dynamic SHA(2)},
+    howpublished = {Cryptology ePrint Archive, Report 2009/217},
+    year = {2009},
+    url = {http://eprint.iacr.org/2009/217.pdf},
+    note = {\url{http://eprint.iacr.org/}},
+    abstract = {In this paper, we analyze the hash functions Dynamic SHA
+and Dynamic SHA2, which have been selected as first round candidates
+in the NIST Hash Competition. These two hash functions rely heavily
+on data-dependent rotations, similar to the ones used in certain block ci-
+phers, e.g., RC5. Our analysis suggests that in the case of hash functions,
+where the attacker has more control over the rotations, this approach is
+less favorable, as we present practical, or close to practical, collision at-
+tacks on both Dynamic SHA and Dynamic SHA2. Moreover, we present
+a preimage attack on Dynamic SHA that is faster than exhaustive search.},
 }
 </bibtex>

Difference between revisions of "Dynamic SHA2"

Revision as of 16:00, 30 April 2009

1 The algorithm

2 Cryptanalysis

Navigation menu

Views

Personal tools

Navigation

Search

Tools