Difference between revisions of "JH"
Mschlaeffer (talk | contribs) m (link to JH website corrected) |
Mschlaeffer (talk | contribs) |
||
| Line 4: | Line 4: | ||
* Website: [http://www3.ntu.edu.sg/home/wuhj/research/jh/ http://www3.ntu.edu.sg/home/wuhj/research/jh/] | * Website: [http://www3.ntu.edu.sg/home/wuhj/research/jh/ http://www3.ntu.edu.sg/home/wuhj/research/jh/] | ||
* NIST submission package: | * NIST submission package: | ||
| + | ** round 3: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round3/documents/JH_FinalRnd.zip JH_FinalRnd.zip] | ||
** round 1/2: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/documents/JH_Round2.zip JH_Round2.zip] (old versions: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/JH.zip JH.zip], [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/JHUpdate.zip JHUpdate.zip]) | ** round 1/2: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/documents/JH_Round2.zip JH_Round2.zip] (old versions: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/JH.zip JH.zip], [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/JHUpdate.zip JHUpdate.zip]) | ||
| Line 11: | Line 12: | ||
author = {Hongjun Wu}, | author = {Hongjun Wu}, | ||
title = {The Hash Function JH}, | title = {The Hash Function JH}, | ||
| − | url = {http:// | + | url = {http://www3.ntu.edu.sg/home/wuhj/research/jh/jh_round3.pdf}, |
| + | howpublished = {Submission to NIST (round 3)}, | ||
| + | year = {2011}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{sha3W09a, | ||
| + | author = {Hongjun Wu}, | ||
| + | title = {The Hash Function JH}, | ||
| + | url = {http://ehash.iaik.tugraz.at/uploads/1/1d/Jh20090915.pdf}, | ||
| + | howpublished = {Submission to NIST (updated for round 2)}, | ||
| + | year = {2009}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{sha3W09, | ||
| + | author = {Hongjun Wu}, | ||
| + | title = {The Hash Function JH}, | ||
| + | url = {http://ehash.iaik.tugraz.at/uploads/1/1f/Jh20090115.pdf}, | ||
howpublished = {Submission to NIST (updated)}, | howpublished = {Submission to NIST (updated)}, | ||
year = {2009}, | year = {2009}, | ||
| Line 21: | Line 42: | ||
author = {Hongjun Wu}, | author = {Hongjun Wu}, | ||
title = {The Hash Function JH}, | title = {The Hash Function JH}, | ||
| − | url = {http:// | + | url = {http://ehash.iaik.tugraz.at/uploads/8/8f/Jh.pdf}, |
howpublished = {Submission to NIST}, | howpublished = {Submission to NIST}, | ||
year = {2008}, | year = {2008}, | ||
| Line 34: | Line 55: | ||
A description of the tables is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | A description of the tables is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | ||
| − | Recommended security parameter: ''' | + | Recommended security parameter: '''42''' rounds |
=== Hash function === | === Hash function === | ||
Revision as of 10:06, 21 March 2011
1 The algorithm
- Author(s): Hongjun Wu
- Website: http://www3.ntu.edu.sg/home/wuhj/research/jh/
- NIST submission package:
- round 3: JH_FinalRnd.zip
- round 1/2: JH_Round2.zip (old versions: JH.zip, JHUpdate.zip)
Hongjun Wu - The Hash Function JH
- ,2011
- http://www3.ntu.edu.sg/home/wuhj/research/jh/jh_round3.pdf
BibtexAuthor : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2011
Hongjun Wu - The Hash Function JH
- ,2009
- http://ehash.iaik.tugraz.at/uploads/1/1d/Jh20090915.pdf
BibtexAuthor : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2009
Hongjun Wu - The Hash Function JH
- ,2009
- http://ehash.iaik.tugraz.at/uploads/1/1f/Jh20090115.pdf
BibtexAuthor : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2009
Hongjun Wu - The Hash Function JH
- ,2008
- http://ehash.iaik.tugraz.at/uploads/8/8f/Jh.pdf
BibtexAuthor : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2008
2 Cryptanalysis
We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.
A description of the tables is given here.
Recommended security parameter: 42 rounds
2.1 Hash function
Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.
| Type of Analysis | Hash Size (n) | Parameters | Compression Function Calls | Memory Requirements | Reference |
| preimage | 512 | 2507 | 2507 | Bhattacharyya et al. | |
| preimage(1) | 512 | 2510.3 (+ 2524 MA + 2524 CMP) | 2510.3 (Wu: 2510.6) | Mendel,Thomsen, Wu |
(1) Wu has analyzed the exact memory requirements, additional memory accesses (MA) and comparisons (CMP) of the attack by Mendel and Thomsen.
2.2 Building blocks
Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.
Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
| semi-free-start collision | compression function | 256 | 16 rounds | 296.12 | 296.12 | Naya-Plasencia |
| semi-free-start near collision | compression function | 256 | 22 rounds | 295.63 | 295.63 | Naya-Plasencia |
| semi-free-start near collision | compression function | all | 10 rounds | 223.24 | - | Turan,Uyan |
| semi-free-start collision | hash | 256 | 16 rounds | 2178.24 | 2101.12 | Rijmen,Toz,Varıcı |
| semi-free-start near collision | compression function | 256 | 22 rounds | 2156.77 | 2143.70 | Rijmen,Toz,Varıcı |
| semi-free-start near collision | compression function | 256 | 22 rounds | 2156.56 | 2143.70 | Rijmen,Toz,Varıcı |
| pseudo-collision | compression function | all | - | - | Bagheri | |
| pseudo-2nd preimage | compression | all | - | - | Bagheri |
María Naya-Plasencia - Scrutinizing rebound attacks: new algorithms for improving the complexities
- ,2010
- http://eprint.iacr.org/2010/607.pdf
BibtexAuthor : María Naya-Plasencia
Title : Scrutinizing rebound attacks: new algorithms for improving the complexities
In : -
Address :
Date : 2010
Meltem Sönmez Turan, Erdener Uyan - Practical Near-Collisions for Reduced Round Blake, Fugue, Hamsi and JH
- ,2010
- http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/Aug2010/documents/papers/TURAN_Paper_Erdener.pdf
BibtexAuthor : Meltem Sönmez Turan, Erdener Uyan
Title : Practical Near-Collisions for Reduced Round Blake, Fugue, Hamsi and JH
In : -
Address :
Date : 2010
Rishiraj Bhattacharyya, Avradip Mandal, Mridul Nandi - Security Analysis of the Mode of JH Hash Function
- FSE ,2010
- http://www.isical.ac.in/~rishi_r/FSE2010-146.pdf
BibtexAuthor : Rishiraj Bhattacharyya, Avradip Mandal, Mridul Nandi
Title : Security Analysis of the Mode of JH Hash Function
In : FSE -
Address :
Date : 2010
Vincent Rijmen, Denis Toz, Kerem Varıcı - Rebound Attack on Reduced-Round Versions of JH
- FSE ,2010
- http://www.cosic.esat.kuleuven.be/publications/article-1431.pdf
BibtexAuthor : Vincent Rijmen, Denis Toz, Kerem Varıcı
Title : Rebound Attack on Reduced-Round Versions of JH
In : FSE -
Address :
Date : 2010
Nasour Bagheri - Pseudo-collision and pseudo-second preimage on JH
- ,2008
- http://ehash.iaik.tugraz.at/uploads/a/a8/Jh1.txt
BibtexAuthor : Nasour Bagheri
Title : Pseudo-collision and pseudo-second preimage on JH
In : -
Address :
Date : 2008
Florian Mendel, Søren S. Thomsen - An Observation on JH-512
- ,2008
- http://ehash.iaik.tugraz.at/uploads/d/da/Jh_preimage.pdf
BibtexAuthor : Florian Mendel, Søren S. Thomsen
Title : An Observation on JH-512
In : -
Address :
Date : 2008
Hongjun Wu - The Complexity of Mendel and Thomsen's Preimage Attack on JH-512
