Difference between revisions of "JH"

From The ECRYPT Hash Function Website
(correct placement of rec sec par)
m
Line 40: Line 40:
 
Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.
 
Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.
  
{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"                   
+
{| border="1" cellpadding="4" cellspacing="0" class="wikitable sortable" style="text-align:center"                   
 
|- style="background:#efefef;"                   
 
|- style="background:#efefef;"                   
 
|  Type of Analysis || Hash Size (n) || Parameters || Compression Function Calls || Memory Requirements ||  Reference  
 
|  Type of Analysis || Hash Size (n) || Parameters || Compression Function Calls || Memory Requirements ||  Reference  
Line 59: Line 59:
 
Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).  
 
Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).  
  
{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"                   
+
{| border="1" cellpadding="4" cellspacing="0" class="wikitable sortable" style="text-align:center"                   
 
|- style="background:#efefef;"                   
 
|- style="background:#efefef;"                   
 
|  Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference  
 
|  Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference  

Revision as of 14:55, 5 July 2010

1 The algorithm


Hongjun Wu - The Hash Function JH

,2009
http://icsd.i2r.a-star.edu.sg/staff/hongjun/jh/jh_round2.pdf
Bibtex
Author : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2009

Hongjun Wu - The Hash Function JH

,2008
http://icsd.i2r.a-star.edu.sg/staff/hongjun/jh/jh.pdf
Bibtex
Author : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2008


2 Cryptanalysis

We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.

A description of the tables is given here.

Recommended security parameter: 35.5 rounds

2.1 Hash function

Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.

Type of Analysis Hash Size (n) Parameters Compression Function Calls Memory Requirements Reference
preimage 512 2507 2507 Bhattacharyya et al.
preimage(1) 512 2510.3 (+ 2524 MA + 2524 CMP) 2510.3 (Wu: 2510.6) Mendel,Thomsen, Wu

(1) Wu has analyzed the exact memory requirements, additional memory accesses (MA) and comparisons (CMP) of the attack by Mendel and Thomsen.


2.2 Building blocks

Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.

Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
semi-free-start collision hash 256 16 rounds 2178.24 2101.12 Rijmen,Toz,Varıcı
semi-free-start near collision compression function 256 19 rounds 2156.77 2143.70 Rijmen,Toz,Varıcı
semi-free-start near collision compression function 256 22 rounds 2156.56 2143.70 Rijmen,Toz,Varıcı
pseudo-collision compression function all - - Bagheri
pseudo-2nd preimage compression all - - Bagheri


Rishiraj Bhattacharyya, Avradip Mandal, Mridul Nandi - Security Analysis of the Mode of JH Hash Function

FSE ,2010
http://www.isical.ac.in/~rishi_r/FSE2010-146.pdf
Bibtex
Author : Rishiraj Bhattacharyya, Avradip Mandal, Mridul Nandi
Title : Security Analysis of the Mode of JH Hash Function
In : FSE -
Address :
Date : 2010

Vincent Rijmen, Denis Toz, Kerem Varıcı - Rebound Attack on Reduced-Round Versions of JH

FSE ,2010
http://www.cosic.esat.kuleuven.be/publications/article-1431.pdf
Bibtex
Author : Vincent Rijmen, Denis Toz, Kerem Varıcı
Title : Rebound Attack on Reduced-Round Versions of JH
In : FSE -
Address :
Date : 2010

Nasour Bagheri - Pseudo-collision and pseudo-second preimage on JH

,2008
http://ehash.iaik.tugraz.at/uploads/a/a8/Jh1.txt
Bibtex
Author : Nasour Bagheri
Title : Pseudo-collision and pseudo-second preimage on JH
In : -
Address :
Date : 2008

Florian Mendel, Søren S. Thomsen - An Observation on JH-512

,2008
http://ehash.iaik.tugraz.at/uploads/d/da/Jh_preimage.pdf
Bibtex
Author : Florian Mendel, Søren S. Thomsen
Title : An Observation on JH-512
In : -
Address :
Date : 2008

Hongjun Wu - The Complexity of Mendel and Thomsen's Preimage Attack on JH-512

,2009
http://ehash.iaik.tugraz.at/uploads/6/6f/Jh_mt_complexity.pdf
Bibtex
Author : Hongjun Wu
Title : The Complexity of Mendel and Thomsen's Preimage Attack on JH-512
In : -
Address :
Date : 2009