Difference between revisions of "Grindahl-256"

From The ECRYPT Hash Function Website
(Specification)
 
(6 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
== Specification ==
 
== Specification ==
  
Grindahl-256
+
* Specification: [http://www2.mat.dtu.dk/people/Lars.R.Knudsen/grindahl/ Web page of the Grindahl hash functions]
 +
 
 +
 
 +
'''Grindahl-256'''
 
* digest size: 256 bits
 
* digest size: 256 bits
 
* max. message length: < 2<sup>64</sup> bits
 
* max. message length: < 2<sup>64</sup> bits
 
* compression function: 32-bit message block, 52 byte state
 
* compression function: 32-bit message block, 52 byte state
Grindahl-512
 
* digest size: 512 bits
 
* max. message length: < 2<sup>64</sup> bits
 
* compression function: 64-bit message block, 104 byte state
 
 
  
* Specification:
 
  
 
<bibtex>
 
<bibtex>
Line 41: Line 38:
  
 
=== Best Known Results ===
 
=== Best Known Results ===
The best collision attack on Grindahl was published by Peyrin. It has complexity of about 2<sup>112</sup> hash evaluations.  
+
The best collision attack on Grindahl-256 was published by Peyrin. It has complexity of about 2<sup>112</sup> hash evaluations. There are no known preimage-style attacks.
 
 
 
----
 
----
  
 
=== Generic Attacks ===
 
=== Generic Attacks ===
* [[GenericAttacksMerkleDamgaard| Generic Attacks on the Merkle-Damgaard Construction ]]
+
* Grindahl is not a design follwing the Merkle-Damgaard construction principle. [[GenericAttacksHash| Generic Attacks on Hash Functions]]
 +
 
  
 
----
 
----

Latest revision as of 21:32, 16 March 2008

1 Specification


Grindahl-256

  • digest size: 256 bits
  • max. message length: < 264 bits
  • compression function: 32-bit message block, 52 byte state


Lars R. Knudsen, Christian Rechberger, Søren S. Thomsen - The Grindahl Hash Functions

FSE 4593:39-57,2007
http://dx.doi.org/10.1007/978-3-540-74619-5_3
Bibtex
Author : Lars R. Knudsen, Christian Rechberger, Søren S. Thomsen
Title : The Grindahl Hash Functions
In : FSE -
Address :
Date : 2007

2 Cryptanalysis

2.1 Best Known Results

The best collision attack on Grindahl-256 was published by Peyrin. It has complexity of about 2112 hash evaluations. There are no known preimage-style attacks.


2.2 Generic Attacks



2.3 Collision Attacks

Thomas Peyrin - Cryptanalysis of Grindahl

ASIACRYPT 4833:551-567,2007
http://dx.doi.org/10.1007/978-3-540-76900-2_34
Bibtex
Author : Thomas Peyrin
Title : Cryptanalysis of Grindahl
In : ASIACRYPT -
Address :
Date : 2007

2.4 Second Preimage Attacks


2.5 Preimage Attacks


2.6 Others