Difference between revisions of "FORK-256"
From The ECRYPT Hash Function Website
(→Collision Attacks) |
(→Collision Attacks) |
||
| Line 51: | Line 51: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| + | <bibtex> | ||
| + | @inproceedings{fseMatusiewiczPBCP07, | ||
| + | author = {Krystian Matusiewicz and Thomas Peyrin and Olivier Billet and Scott Contini and Josef Pieprzyk}, | ||
| + | title = {Cryptanalysis of FORK-256}, | ||
| + | pages = {19-38}, | ||
| + | url = {http://dx.doi.org/10.1007/978-3-540-74619-5_2}, | ||
| + | editor = {Alex Biryukov}, | ||
| + | booktitle = {FSE}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {4593}, | ||
| + | year = {2007}, | ||
| + | isbn = {978-3-540-74617-1}, | ||
| + | abstract = {In this paper we present a cryptanalysis of a | ||
| + | new 256-bit hash function, FORK-256, proposed by Hong et al. at | ||
| + | FSE 2006. This cryptanalysis is based on some unexpected differentials | ||
| + | existing for the step transformation. We show their possible uses in | ||
| + | different attack scenarios by giving a 1-bit (resp. 2-bit) near collision | ||
| + | attack against the full compression function of FORK-256 running with | ||
| + | complexity of 2<sup>125</sup> (resp. 2<sup>120</sup>) and with negligible memory, and by exhibiting | ||
| + | a 22-bit near pseudo-collision. We also show that we can find collisions for | ||
| + | the full compression function with a small amount of memory with complexity not | ||
| + | exceeding 2<sup>126.6</sup> hash evaluations. We further show how to reduce this complexity | ||
| + | to 2<sup>109.6</sup> hash computations by using 2<sup>73</sup> memory words. Finally, we show that | ||
| + | this attack can be extended with no additional cost to find collisions for the | ||
| + | full hash function, i.e. with the predefined IV.}, | ||
| + | } | ||
| + | </bibtex> | ||
<bibtex> | <bibtex> | ||
Revision as of 11:02, 11 March 2008
Contents
1 Specification
- digest size: 256 bits
- max. message length: < 264 bits
- compression function: 512-bit message block, 4 streams with each 256-bit chaining variable
- Specification: http://csrc.nist.gov/groups/ST/hash/documents/Sung_FORK-256.pdf
Deukjo Hong, Donghoon Chang, Jaechul Sung, Sangjin Lee, Seokhie Hong, Jaesang Lee, Dukjae Moon, Sungtaek Chee - A New Dedicated 256-Bit Hash Function: FORK-256
- FSE 4047:195-209,2006
- http://dx.doi.org/10.1007/11799313_13
BibtexAuthor : Deukjo Hong, Donghoon Chang, Jaechul Sung, Sangjin Lee, Seokhie Hong, Jaesang Lee, Dukjae Moon, Sungtaek Chee
Title : A New Dedicated 256-Bit Hash Function: FORK-256
In : FSE -
Address :
Date : 2006
Deukjo Hong, Jaechul Sung, Seokhie Hong, Sangjin Lee, Dukjae Moon - A New Dedicated 256-bit Hash Function: FORK-256
- ,2005
- http://csrc.nist.gov/groups/ST/hash/documents/Sung_FORK-256.pdf
BibtexAuthor : Deukjo Hong, Jaechul Sung, Seokhie Hong, Sangjin Lee, Dukjae Moon
Title : A New Dedicated 256-bit Hash Function: FORK-256
In : -
Address :
Date : 2005
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
Krystian Matusiewicz, Thomas Peyrin, Olivier Billet, Scott Contini, Josef Pieprzyk - Cryptanalysis of FORK-256
- FSE 4593:19-38,2007
- http://dx.doi.org/10.1007/978-3-540-74619-5_2
BibtexAuthor : Krystian Matusiewicz, Thomas Peyrin, Olivier Billet, Scott Contini, Josef Pieprzyk
Title : Cryptanalysis of FORK-256
In : FSE -
Address :
Date : 2007
Florian Mendel, Joseph Lano, Bart Preneel - Cryptanalysis of Reduced Variants of the FORK-256 Hash Function
- CT-RSA 4377:85-100,2007
- http://dx.doi.org/10.1007/11967668_6
BibtexAuthor : Florian Mendel, Joseph Lano, Bart Preneel
Title : Cryptanalysis of Reduced Variants of the FORK-256 Hash Function
In : CT-RSA -
Address :
Date : 2007
