Difference between revisions of "Groestl"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) m |
(Some notes on Grøstl) |
||
| Line 24: | Line 24: | ||
|- | |- | ||
| observation || block cipher || all || || || || [http://www.larc.usp.br/~pbarreto/Grizzly.pdf Barreto] | | observation || block cipher || all || || || || [http://www.larc.usp.br/~pbarreto/Grizzly.pdf Barreto] | ||
| + | |- | ||
| + | | observation || hash || all || || || || [http://ehash.iaik.tugraz.at/uploads/d/d0/Grostl-comment-april28.pdf Kelsey] | ||
|- | |- | ||
| semi-free-start collision || compression || 256 || 6 rounds || 2<sup>120</sup> || 2<sup>64</sup> || [http://online.tu-graz.ac.at/tug_online/voe_main2.getVollText?pDocumentNr=99359 Mendel,Rechberger,Schläffer,Thomsen] | | semi-free-start collision || compression || 256 || 6 rounds || 2<sup>120</sup> || 2<sup>64</sup> || [http://online.tu-graz.ac.at/tug_online/voe_main2.getVollText?pDocumentNr=99359 Mendel,Rechberger,Schläffer,Thomsen] | ||
|- | |- | ||
| − | |} | + | |} |
| − | + | ||
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | ||
| Line 40: | Line 42: | ||
year = {2008}, | year = {2008}, | ||
abstract = {An alternative view of the Groestl SHA-3 submission is presented. It does not lead to an effective attack nor reveals a weakness in the design, but illustrates the importance of the double-width pipe in this construction.}, | abstract = {An alternative view of the Groestl SHA-3 submission is presented. It does not lead to an effective attack nor reveals a weakness in the design, but illustrates the importance of the double-width pipe in this construction.}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{groestlK09, | ||
| + | author = {John Kelsey}, | ||
| + | title = {Some notes on Grøstl}, | ||
| + | url = {http://ehash.iaik.tugraz.at/uploads/d/d0/Grostl-comment-april28.pdf}, | ||
| + | howpublished = {Available online}, | ||
| + | year = {2009}, | ||
| + | abstract = {These are some quick notes on some properties and observations of Grøstl. Nothing in this note threatens the hash function; instead, I'm pointing out some properties that are a bit surprising, and some broad approaches someone might take to get attacks to work.}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
Revision as of 08:39, 29 April 2009
1 The algorithm
- Author(s): Praveen Gauravaram, Lars R. Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen
- Website: http://www.groestl.info
- NIST submission package: Grostl.zip
Praveen Gauravaram, Lars R. Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen - Grøstl -- a SHA-3 candidate
- ,2008
- http://www.groestl.info/Groestl.pdf
BibtexAuthor : Praveen Gauravaram, Lars R. Knudsen, Krystian Matusiewicz, Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen
Title : Grøstl -- a SHA-3 candidate
In : -
Address :
Date : 2008
2 Cryptanalysis
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
| observation | block cipher | all | Barreto | |||
| observation | hash | all | Kelsey | |||
| semi-free-start collision | compression | 256 | 6 rounds | 2120 | 264 | Mendel,Rechberger,Schläffer,Thomsen |
A description of this table is given here.
Paulo S. L. M. Barreto - An observation on Grøstl
- ,2008
- http://www.larc.usp.br/~pbarreto/Grizzly.pdf
BibtexAuthor : Paulo S. L. M. Barreto
Title : An observation on Grøstl
In : -
Address :
Date : 2008
John Kelsey - Some notes on Grøstl
- ,2009
- http://ehash.iaik.tugraz.at/uploads/d/d0/Grostl-comment-april28.pdf
BibtexAuthor : John Kelsey
Title : Some notes on Grøstl
In : -
Address :
Date : 2009
Florian Mendel, Christian Rechberger, Martin Schläffer, Søren S. Thomsen - The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
