Difference between revisions of "HAS-V"
From The ECRYPT Hash Function Website
Npramstaller (talk | contribs) |
(→Best Known Results) |
||
(6 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Specification == | == Specification == | ||
− | + | * digest size: 128 - 320 bits | |
− | * digest size: | ||
* max. message length: < 2<sup>64</sup> bits | * max. message length: < 2<sup>64</sup> bits | ||
− | * compression function: | + | * compression function: 1024-bit message block, 320-bit chaining variable |
− | * Specification: | + | * Specification: |
− | --> | + | <bibtex> |
+ | @inproceedings{sacryptParkHL00, | ||
+ | author = {Nan Kyoung Park and Joon Ho Hwang and Pil Joong Lee}, | ||
+ | title = {HAS-V: A New Hash Function with Variable Output Length}, | ||
+ | booktitle = {Selected Areas in Cryptography}, | ||
+ | year = {2000}, | ||
+ | pages = {202-216}, | ||
+ | url = {http://link.springer.de/link/service/series/0558/bibs/2012/20120202.htm}, | ||
+ | editor = {Douglas R. Stinson and Stafford E. Tavares}, | ||
+ | publisher = {Springer}, | ||
+ | series = {LNCS}, | ||
+ | volume = {2012}, | ||
+ | isbn = {3-540-42069-X}, | ||
+ | abstract = {Hash functions play an essential role in many areas of cryptographic applications such as digital signature, authentication, and key derivation. In this paper, we propose a new hash function with variable output length, namely HAS-V, to meet the needs of various security levels desired among different applications. A great deal of attention was paid to balance the characteristics of security and performance. The use of message expansion, 4-variable Boolean functions, variable and fixed amounts of shifts, and interrelated parallel lines provide a high level of security for HAS-V. Experiments show that HAS-V is about 19% faster than SHA-1, 31% faster than RIPEMD-160, and 26% faster than HAVAL on a Pentium PC.}, | ||
+ | } | ||
+ | </bibtex> | ||
== Cryptanalysis == | == Cryptanalysis == | ||
Line 12: | Line 26: | ||
=== Best Known Results === | === Best Known Results === | ||
− | + | Mendel and Rijmen show weaknesses in the compression function of HAS-V. They present pseudo-collisions for HAS-V for all output sizes. Furthermore, they show a preimage and second preimage attack on HAS-V (with output size >160) with complexity of about 2<sup>162</sup> compression function evaluations. | |
---- | ---- | ||
Line 34: | Line 48: | ||
=== Others === | === Others === | ||
+ | <bibtex> | ||
+ | @inproceedings{iciscMendelR07a, | ||
+ | author = {Florian Mendel and Vincent Rijmen}, | ||
+ | title = {Weaknesses in the HAS-V Compression Function}, | ||
+ | booktitle = {ICISC}, | ||
+ | year = {2007}, | ||
+ | pages = {335-345}, | ||
+ | url = {http://dx.doi.org/10.1007/978-3-540-76788-6_27}, | ||
+ | editor = {Kil-Hyun Nam and Gwangsoo Rhee}, | ||
+ | publisher = {Springer}, | ||
+ | series = {LNCS}, | ||
+ | volume = {4817}, | ||
+ | isbn = {978-3-540-76787-9}, | ||
+ | abstract = {HAS-V is a cryptographic hash function which processes 1024-bit message blocks and produces a hash value of variable length. The design of the hash function is based on design principles of the MD4 family. Recently, weaknesses have been shown in members of this family. Therefore, the analysis of the HAS-V hash function is of great interest. To the best of our knowledge this is the first article that investigates the security of the HAS-V hash function. In this article, we point out several structural weaknesses in HAS-V which lead to pseudo-collision attacks on HAS-V with tailored output. Furthermore, we show that (second) preimages can be found for HAS-V with a complexity of about 2^{162} hash computations.}, | ||
+ | } | ||
+ | </bibtex> |
Latest revision as of 12:49, 10 November 2008
Contents
1 Specification
- digest size: 128 - 320 bits
- max. message length: < 264 bits
- compression function: 1024-bit message block, 320-bit chaining variable
- Specification:
Nan Kyoung Park, Joon Ho Hwang, Pil Joong Lee - HAS-V: A New Hash Function with Variable Output Length
- Selected Areas in Cryptography 2012:202-216,2000
- http://link.springer.de/link/service/series/0558/bibs/2012/20120202.htm
BibtexAuthor : Nan Kyoung Park, Joon Ho Hwang, Pil Joong Lee
Title : HAS-V: A New Hash Function with Variable Output Length
In : Selected Areas in Cryptography -
Address :
Date : 2000
2 Cryptanalysis
2.1 Best Known Results
Mendel and Rijmen show weaknesses in the compression function of HAS-V. They present pseudo-collisions for HAS-V for all output sizes. Furthermore, they show a preimage and second preimage attack on HAS-V (with output size >160) with complexity of about 2162 compression function evaluations.
2.2 Generic Attacks
2.3 Collision Attacks
2.4 Second Preimage Attacks
2.5 Preimage Attacks
2.6 Others
Florian Mendel, Vincent Rijmen - Weaknesses in the HAS-V Compression Function