Difference between revisions of "HAVAL"
From The ECRYPT Hash Function Website
(→Collision Attacks) |
(→Second Preimage Attacks) |
||
| (6 intermediate revisions by 2 users not shown) | |||
| Line 5: | Line 5: | ||
* max. message length: < 2<sup>64</sup> bits | * max. message length: < 2<sup>64</sup> bits | ||
* compression function: 1024-bit message block, 3/4/5 passes with 256-bit chaining variable | * compression function: 1024-bit message block, 3/4/5 passes with 256-bit chaining variable | ||
| − | * Specification: | + | * Specification: http://labs.calyptix.com/haval.php |
<bibtex> | <bibtex> | ||
| Line 37: | Line 37: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| + | <bibtex> | ||
| + | @inproceedings{iciscYuW07, | ||
| + | author = {Hongbo Yu and Xiaoyun Wang}, | ||
| + | title = {Multi-collision Attack on the Compression Functions of MD4 and 3-Pass HAVAL}, | ||
| + | booktitle = {ICISC}, | ||
| + | year = {2007}, | ||
| + | pages = {206-226}, | ||
| + | url = {http://dx.doi.org/10.1007/978-3-540-76788-6_17}, | ||
| + | editor = {Kil-Hyun Nam and Gwangsoo Rhee}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {4817}, | ||
| + | isbn = {978-3-540-76787-9}, | ||
| + | abstract = {In this paper, we present a new type of multi-collision attack on the compression functions of both MD4 and 3-Pass HAVAL. Different from Joux’s multi-collision attack, our method focuses on the multi-collision of the compression function. For MD4, we utilize two different feasible collision differential paths to find a 4-collision with about 221 MD4 computations. For 3-Pass HAVAL, we can find a 4-collision with complexity about 2^{30} and a 8-near-collision with complexity 2^9.}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | <bibtex> | ||
| + | @inproceedings{fseYuWYP06, | ||
| + | author = {Hongbo Yu and Xiaoyun Wang and Aaram Yun and Sangwoo Park}, | ||
| + | title = {Cryptanalysis of the Full HAVAL with 4 and 5 Passes}, | ||
| + | pages = {89-110}, | ||
| + | booktitle = {FSE}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {4047}, | ||
| + | year = {2006}, | ||
| + | isbn = {3-540-36597-4}, | ||
| + | url = {http://dx.doi.org/10.1007/11799313_7}, | ||
| + | abstract = {HAVAL is a cryptographic hash function with variable digest size proposed | ||
| + | by Zheng, Pieprzyk and Seberry in 1992. It has three variants, 3-, 4-, and 5-pass HAVAL. | ||
| + | Previous results on HAVAL suggested only practical collision attacks for 3-pass HAVAL. | ||
| + | In this paper, we present collision attacks for 4 and 5 pass HAVAL. For 4-pass HAVAL, | ||
| + | we describe two practical attacks for finding 2-block collisions, one with 2<sup>43</sup> computations | ||
| + | and the other with 2<sup>36</sup> computations. In addition, we show that collisions for 5-pass HAVAL | ||
| + | can be found with about 2<sup>123</sup> computations, which is the first attack more efficient than | ||
| + | the birthday attack. Keywords: Hash function, collision, differential path, message modification. } | ||
| + | } | ||
| + | </bibtex> | ||
<bibtex> | <bibtex> | ||
@inproceedings{asiacryptRompayBPV03, | @inproceedings{asiacryptRompayBPV03, | ||
| Line 58: | Line 96: | ||
=== Second Preimage Attacks === | === Second Preimage Attacks === | ||
| + | |||
| + | <bibtex> | ||
| + | @inproceedings{fseLeeCKSH08, | ||
| + | author = {Eunjin Lee and Donghoon Chang and Jongsung Kim and Jaechul Sung and Seokhie Hong}, | ||
| + | title = {Second Preimage Attack on 3-Pass HAVAL and Partial Key-Recovery Attacks on HMAC/NMAC-3-Pass HAVAL}, | ||
| + | booktitle = {FSE}, | ||
| + | year = {2008}, | ||
| + | pages = {189-206}, | ||
| + | abstract = {In 1992, Zheng, Pieprzyk and Seberry proposed a one-way hashing algorithm called HAVAL, which compresses a message of arbitrary length into a digest of 128, 160, 192, 224 or 256 bits. It operates in so called passes where each pass contains 32 steps. The number of passes can be chosen equal to 3, 4 or 5. In this paper, we devise a new differential path of 3-pass HAVAL with probability 2^-114, which allows us to design a second preimage attack on 3-pass HAVAL and partial key recovery attacks on HMAC/NMAC-3-pass HAVAL. Our partial key-recovery attack works with 2^122 oracle queries, 5·2^32 memory bytes and 2^96 3-pass HAVAL computations. }, | ||
| + | url = {http://dx.doi.org/10.1007/978-3-540-71039-4_12}, | ||
| + | editor = {Kaisa Nyberg}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {5086}, | ||
| + | isbn = {978-3-540-71038-7}, | ||
| + | } | ||
| + | </bibtex> | ||
---- | ---- | ||
Latest revision as of 11:30, 10 November 2008
Contents
1 Specification
- digest size: 128,160,192,224,256 bits
- max. message length: < 264 bits
- compression function: 1024-bit message block, 3/4/5 passes with 256-bit chaining variable
- Specification: http://labs.calyptix.com/haval.php
Yuliang Zheng, Josef Pieprzyk, Jennifer Seberry - HAVAL - A One-Way Hashing Algorithm with Variable Length of Output
- ASIACRYPT 718:83-104,1993
- http://dx.doi.org/10.1007/3-540-57220-1
BibtexAuthor : Yuliang Zheng, Josef Pieprzyk, Jennifer Seberry
Title : HAVAL - A One-Way Hashing Algorithm with Variable Length of Output
In : ASIACRYPT -
Address :
Date : 1993
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
Hongbo Yu, Xiaoyun Wang - Multi-collision Attack on the Compression Functions of MD4 and 3-Pass HAVAL
- ICISC 4817:206-226,2007
- http://dx.doi.org/10.1007/978-3-540-76788-6_17
BibtexAuthor : Hongbo Yu, Xiaoyun Wang
Title : Multi-collision Attack on the Compression Functions of MD4 and 3-Pass HAVAL
In : ICISC -
Address :
Date : 2007
Hongbo Yu, Xiaoyun Wang, Aaram Yun, Sangwoo Park - Cryptanalysis of the Full HAVAL with 4 and 5 Passes
- FSE 4047:89-110,2006
- http://dx.doi.org/10.1007/11799313_7
BibtexAuthor : Hongbo Yu, Xiaoyun Wang, Aaram Yun, Sangwoo Park
Title : Cryptanalysis of the Full HAVAL with 4 and 5 Passes
In : FSE -
Address :
Date : 2006
Bart Van Rompay, Alex Biryukov, Bart Preneel, Joos Vandewalle - Cryptanalysis of 3-Pass HAVAL
- ASIACRYPT 2894:228-245,2003
- http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=2894{\&}spage=228
BibtexAuthor : Bart Van Rompay, Alex Biryukov, Bart Preneel, Joos Vandewalle
Title : Cryptanalysis of 3-Pass HAVAL
In : ASIACRYPT -
Address :
Date : 2003
2.4 Second Preimage Attacks
Eunjin Lee, Donghoon Chang, Jongsung Kim, Jaechul Sung, Seokhie Hong - Second Preimage Attack on 3-Pass HAVAL and Partial Key-Recovery Attacks on HMAC/NMAC-3-Pass HAVAL
- FSE 5086:189-206,2008
- http://dx.doi.org/10.1007/978-3-540-71039-4_12
BibtexAuthor : Eunjin Lee, Donghoon Chang, Jongsung Kim, Jaechul Sung, Seokhie Hong
Title : Second Preimage Attack on 3-Pass HAVAL and Partial Key-Recovery Attacks on HMAC/NMAC-3-Pass HAVAL
In : FSE -
Address :
Date : 2008
