Difference between revisions of "GOST"
From The ECRYPT Hash Function Website
(→Others) |
(→Best Known Results) |
||
(One intermediate revision by the same user not shown) | |||
Line 14: | Line 14: | ||
=== Best Known Results === | === Best Known Results === | ||
+ | The best collision attack on GOST was published by Mendel et al. It has complexity of 2<sup>105</sup> compression function evaluations. The best preimage and second preimage attack has complexity of 2<sup>192</sup> compression function evaluations. | ||
---- | ---- | ||
Latest revision as of 12:03, 10 November 2008
Contents
1 Specification
- digest size: 256 bits
- compression function: 256-bit message block, 256-bit chaining variable
- Specification:
2 Cryptanalysis
2.1 Best Known Results
The best collision attack on GOST was published by Mendel et al. It has complexity of 2105 compression function evaluations. The best preimage and second preimage attack has complexity of 2192 compression function evaluations.
2.2 Generic Attacks
2.3 Collision Attacks
Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt - Cryptanalysis of the GOST Hash Function
- CRYPTO 5157:162-178,2008
- http://dx.doi.org/10.1007/978-3-540-85174-5_10
BibtexAuthor : Florian Mendel, Norbert Pramstaller, Christian Rechberger, Marcin Kontak, Janusz Szmidt
Title : Cryptanalysis of the GOST Hash Function
In : CRYPTO -
Address :
Date : 2008
2.4 Second Preimage Attacks
2.5 Preimage Attacks
Florian Mendel, Norbert Pramstaller, Christian Rechberger - A (Second) Preimage Attack on the GOST Hash Function
- FSE 5086:224-234,2008
- http://dx.doi.org/10.1007/978-3-540-71039-4_14
BibtexAuthor : Florian Mendel, Norbert Pramstaller, Christian Rechberger
Title : A (Second) Preimage Attack on the GOST Hash Function
In : FSE -
Address :
Date : 2008
2.6 Others
Praveen Gauravaram, John Kelsey - Linear-XOR and Additive Checksums Don't Protect Damg{\aa}rd-Merkle Hashes from Generic Attacks