Difference between revisions of "Hamsi"

Revision as of 10:05, 6 October 2009

1 The algorithm

Author(s): Özgül Kücük
Website: http://homes.esat.kuleuven.be/~okucuk/hamsi/
NIST submission package: Hamsi.zip, HamsiUpdate.zip
an updated reference implementation can be found here (Hamsi website)

Özgül Kücük - The Hash Function Hamsi

,2008

http://ehash.iaik.tugraz.at/uploads/9/95/Hamsi.pdf
Bibtex

Author : Özgül Kücük
Title : The Hash Function Hamsi
In : -
Address :
Date : 2008

2 Cryptanalysis

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
non-randomness	compression function	224, 256	5 rounds			Aumasson
near-collision	compression function	224, 256	3 rounds	2²¹		Nikolic
distinguisher	compression function	224, 256	6 rounds	2²⁷		Aumasson,Meier
distinguisher	compression function	384, 512	12 rounds	2⁷²⁹		Aumasson,Meier
near-collision	compression function	224, 256	3 rounds	2⁵		Wang,Wang,Jia,Wang
near-collision	compression function	224, 256	4 rounds	2³²		Wang,Wang,Jia,Wang
near-collision	compression function	224, 256	5 rounds	2¹²⁵		Wang,Wang,Jia,Wang

A description of this table is given here.

Jean-Philippe Aumasson - On the pseudorandomness of Hamsi

,2009

http://ehash.iaik.tugraz.at/uploads/d/db/Hamsi_nonrandomness.txt
Bibtex

Author : Jean-Philippe Aumasson
Title : On the pseudorandomness of Hamsi
In : -
Address :
Date : 2009

Ivica Nikolic - Near Collisions for the Compression Function of Hamsi-256

,2009

http://rump2009.cr.yp.to/936779b3afb9b48a404b487d6865091d.pdf
Bibtex

Author : Ivica Nikolic
Title : Near Collisions for the Compression Function of Hamsi-256
In : -
Address :
Date : 2009

Jean-Philippe Aumasson, Willi Meier - Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi

,2009

http://www.131002.net/data/papers/AM09.pdf
Bibtex

Author : Jean-Philippe Aumasson, Willi Meier
Title : Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi
In : -
Address :
Date : 2009

Meiqin Wang, Xiaoyun Wang, Keting Jia, Wei Wang - New Pseudo-Near-Collision Attack on Reduced-Round of Hamis-256

,2009

http://eprint.iacr.org/2009/484.pdf
Bibtex

Author : Meiqin Wang, Xiaoyun Wang, Keting Jia, Wei Wang
Title : New Pseudo-Near-Collision Attack on Reduced-Round of Hamis-256
In : -
Address :
Date : 2009

@@ Line 31: / Line 31: @@
 |-
 |   | distinguisher || compression function || 384, 512 || 12 rounds || 2<sup>729</sup> ||  || [http://www.131002.net/data/papers/AM09.pdf Aumasson,Meier]
+|-
+|   | near-collision || compression function || 224, 256 || 3 rounds || 2<sup>5</sup> ||  || [http://eprint.iacr.org/2009/484.pdf Wang,Wang,Jia,Wang]
+|-
+|   | near-collision || compression function || 224, 256 || 4 rounds || 2<sup>32</sup> ||  || [http://eprint.iacr.org/2009/484.pdf Wang,Wang,Jia,Wang]
+|-
+|   | near-collision || compression function || 224, 256 || 5 rounds || 2<sup>125</sup> ||  || [http://eprint.iacr.org/2009/484.pdf Wang,Wang,Jia,Wang]
 |-
 |}
@@ Line 42: / Line 48: @@
    title     = {On the pseudorandomness of Hamsi},
    url        = {http://ehash.iaik.tugraz.at/uploads/d/db/Hamsi_nonrandomness.txt},
-   howpublished = {NIST mailing list (local link)}
+   howpublished = {NIST mailing list (local link)},
    year      = {2009},
+}
 </bibtex>
@@ Line 51: / Line 58: @@
    title     = {Near Collisions for the Compression Function of Hamsi-256},
    url        = {http://rump2009.cr.yp.to/936779b3afb9b48a404b487d6865091d.pdf},
-   howpublished = {CRYPTO rump session}
+   howpublished = {CRYPTO rump session},
    year      = {2009},
+}
 </bibtex>
@@ Line 60: / Line 68: @@
    title     = {Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi},
    url        = {http://www.131002.net/data/papers/AM09.pdf},
-   howpublished = {NIST mailing list}
+   howpublished = {NIST mailing list},
    year      = {2009},
    abstract  = {We present a new type of distinguisher, called zero-sum distinguisher, and apply it to reduced versions of the Keccak-f permutation. We obtain practical and deterministic distinguishers on up to 9 rounds, and shortcut distinguishers on up to 16 rounds, out of 18 in total. These observations do not seem to affect the security of Keccak. We also briefly describe application of zero-sum distinguishers to the core permutations of Luffa and Hamsi.},
+}
+</bibtex>
+<bibtex>
+@misc{hamsiWWJW09,
+    author = {Meiqin Wang, Xiaoyun Wang, Keting Jia, Wei Wang},
+    title = {New Pseudo-Near-Collision Attack on Reduced-Round of Hamis-256},
+    howpublished = {Cryptology ePrint Archive, Report 2009/484},
+    year = {2009},
+    url = {http://eprint.iacr.org/2009/484.pdf},
+    note = {\url{http://eprint.iacr.org/}},
+    abstract = {Hamsi-256 is designed by \"{O}zg\"{u}l K\"{u}c\"{u}k and it has been a candidate Hash function for the second round of SHA-3. The compression function of Hamsi-256 maps a 256-bit chaining value and a 32-bit message to a new 256-bit chaining value. As hashing a message, Hamsi-256 operates 3-round except for the last message it operates 6-round. In this paper, we will give the pseudo-near-collision for 5-round Hamsi-256. By the message modifying, the pseudo-near-collision for 3, 4 and 5 rounds can be found with $2^5$, $2^{32}$ and $2^{125}$ compression function computations respectively.},
+}
 </bibtex>

Difference between revisions of "Hamsi"

Revision as of 10:05, 6 October 2009

1 The algorithm

2 Cryptanalysis

Navigation menu

Views

Personal tools

Navigation

Search

Tools