Difference between revisions of "HAS-V"

From The ECRYPT Hash Function Website
(Others)
(Best Known Results)
 
Line 26: Line 26:
  
 
=== Best Known Results ===
 
=== Best Known Results ===
 
+
Mendel and Rijmen show weaknesses in the compression function of HAS-V. They present pseudo-collisions for HAS-V for all output sizes. Furthermore, they show a preimage and second preimage attack on HAS-V (with output size >160) with complexity of about 2<sup>162</sup> compression function evaluations.
 
----
 
----
  

Latest revision as of 12:49, 10 November 2008

1 Specification

  • digest size: 128 - 320 bits
  • max. message length: < 264 bits
  • compression function: 1024-bit message block, 320-bit chaining variable
  • Specification:

Nan Kyoung Park, Joon Ho Hwang, Pil Joong Lee - HAS-V: A New Hash Function with Variable Output Length

Selected Areas in Cryptography 2012:202-216,2000
http://link.springer.de/link/service/series/0558/bibs/2012/20120202.htm
Bibtex
Author : Nan Kyoung Park, Joon Ho Hwang, Pil Joong Lee
Title : HAS-V: A New Hash Function with Variable Output Length
In : Selected Areas in Cryptography -
Address :
Date : 2000

2 Cryptanalysis

2.1 Best Known Results

Mendel and Rijmen show weaknesses in the compression function of HAS-V. They present pseudo-collisions for HAS-V for all output sizes. Furthermore, they show a preimage and second preimage attack on HAS-V (with output size >160) with complexity of about 2162 compression function evaluations.


2.2 Generic Attacks


2.3 Collision Attacks


2.4 Second Preimage Attacks


2.5 Preimage Attacks


2.6 Others

Florian Mendel, Vincent Rijmen - Weaknesses in the HAS-V Compression Function

ICISC 4817:335-345,2007
http://dx.doi.org/10.1007/978-3-540-76788-6_27
Bibtex
Author : Florian Mendel, Vincent Rijmen
Title : Weaknesses in the HAS-V Compression Function
In : ICISC -
Address :
Date : 2007