Difference between revisions of "Grindahl-256"

From The ECRYPT Hash Function Website
(Best Known Results)
(Specification)
Line 1: Line 1:
 
== Specification ==
 
== Specification ==
  
<!--
 
 
* digest size: 160 bits
 
* digest size: 160 bits
 
* max. message length: < 2<sup>64</sup> bits
 
* max. message length: < 2<sup>64</sup> bits
 
* compression function: 512-bit message block, 160-bit chaining variable
 
* compression function: 512-bit message block, 160-bit chaining variable
 
* Specification:  
 
* Specification:  
-->
+
 
 +
<bibtex>
 +
@inproceedings{fseKnudsenRT07,
 +
  author    = {Lars R. Knudsen and Christian Rechberger and S{\o}ren S. Thomsen},
 +
  title    = {The Grindahl Hash Functions},
 +
  pages    = {39-57},
 +
  url        = {http://dx.doi.org/10.1007/978-3-540-74619-5_3},
 +
  editor    = {Alex Biryukov},
 +
  booktitle = {FSE},
 +
  publisher = {Springer},
 +
  series    = {LNCS},
 +
  volume    = {4593},
 +
  year      = {2007},
 +
  isbn      = {978-3-540-74617-1},
 +
  abstract  = {In this paper we propose the Grindahl hash functions,
 +
which are based on components of the Rijndael algorithm. To make collision
 +
search sufficiently difficult, this design has the important feature that
 +
no low-weight characteristics form collisions, and at the same time it limits
 +
access to the state. We propose two concrete hash functions, Grindahl-256
 +
and Grindahl-512 with claimed security levels with respect to collision,
 +
preimage and second preimage attacks of 2<sup>128</sup> and 2<sup>256</sup>, respectively. Both
 +
proposals have lower memory requirements than other hash functions at comparable speeds and security levels.},
 +
}
 +
</bibtex>
  
 
== Cryptanalysis ==
 
== Cryptanalysis ==

Revision as of 11:07, 11 March 2008

1 Specification

  • digest size: 160 bits
  • max. message length: < 264 bits
  • compression function: 512-bit message block, 160-bit chaining variable
  • Specification:

Lars R. Knudsen, Christian Rechberger, S\oren S. Thomsen - The Grindahl Hash Functions

FSE 4593:39-57,2007
http://dx.doi.org/10.1007/978-3-540-74619-5_3
Bibtex
Author : Lars R. Knudsen, Christian Rechberger, S\oren S. Thomsen
Title : The Grindahl Hash Functions
In : FSE -
Address :
Date : 2007

2 Cryptanalysis

2.1 Best Known Results

The best collision attack on Grindahl was published by Peyrin. It has complexity of about 2112 hash evaluations.


2.2 Generic Attacks


2.3 Collision Attacks

Thomas Peyrin - Cryptanalysis of Grindahl

ASIACRYPT 4833:551-567,2007
http://dx.doi.org/10.1007/978-3-540-76900-2_34
Bibtex
Author : Thomas Peyrin
Title : Cryptanalysis of Grindahl
In : ASIACRYPT -
Address :
Date : 2007

2.4 Second Preimage Attacks


2.5 Preimage Attacks


2.6 Others