Difference between revisions of "JH"

Revision as of 14:39, 8 January 2009

1 The algorithm

Author(s): Hongjun Wu
Website: http://icsd.i2r.a-star.edu.sg/staff/hongjun/jh/
NIST submission package: JH.zip

Hongjun Wu - The Hash Function JH

,2008

http://icsd.i2r.a-star.edu.sg/staff/hongjun/jh/jh.pdf
Bibtex

Author : Hongjun Wu
Title : The Hash Function JH
In : -
Address :
Date : 2008

2 Cryptanalysis

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
pseudo-collision	compression	all		-	-	Bagheri
pseudo-2nd preimage	compression	all		-	-	Bagheri
preimage	hash	512		2^510.3 (MA: 2⁵²⁴, CMP: 2⁵²⁴)	2^510.3 (Wu: 2^510.6)	Mendel,Thomsen, Wu⁽¹⁾

A description of this table is given here.

⁽¹⁾ Wu has analyzed the memory requirements, memory accesses (MA) and comparisions (CMP) of the attack by Mendel and Thomsen in detail.

Nasour Bagheri - Pseudo-collision and pseudo-second preimage on JH

,2008

http://ehash.iaik.tugraz.at/uploads/a/a8/Jh1.txt
Bibtex

Author : Nasour Bagheri
Title : Pseudo-collision and pseudo-second preimage on JH
In : -
Address :
Date : 2008

Florian Mendel, Søren S. Thomsen - An Observation on JH-512

,2008

http://ehash.iaik.tugraz.at/uploads/d/da/Jh_preimage.pdf
Bibtex

Author : Florian Mendel, Søren S. Thomsen
Title : An Observation on JH-512
In : -
Address :
Date : 2008

Hongjun Wu - The Complexity of Mendel and Thomsen's Preimage Attack on JH-512

,2009

http://ehash.iaik.tugraz.at/uploads/6/6f/Jh_mt_complexity.pdf
Bibtex

Author : Hongjun Wu
Title : The Complexity of Mendel and Thomsen's Preimage Attack on JH-512
In : -
Address :
Date : 2009

@@ Line 27: / Line 27: @@
 |  | pseudo-2nd preimage || compression || all ||  || - || - || [http://ehash.iaik.tugraz.at/uploads/a/a8/Jh1.txt Bagheri]
 |-
-|  style="background:greenyellow" | preimage || hash || 512 ||  || 2<sup>510.3</sup> || 2<sup>510.3</sup> || [http://ehash.iaik.tugraz.at/uploads/d/da/Jh_preimage.pdf Mendel,Thomsen]
+|  style="background:greenyellow" | preimage || hash || 512 ||  || 2<sup>510.3</sup> (MA: 2<sup>524</sup>, CMP: 2<sup>524</sup>) || 2<sup>510.3</sup> (Wu: 2<sup>510.6</sup>) || [http://ehash.iaik.tugraz.at/uploads/d/da/Jh_preimage.pdf Mendel,Thomsen], [http://ehash.iaik.tugraz.at/uploads/6/6f/Jh_mt_complexity.pdf Wu]<sup>(1)</sup>
 |-
 |}
@@ Line 33: / Line 33: @@
 A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
+<sup>(1)</sup> Wu has analyzed the memory requirements, memory accesses (MA) and comparisions (CMP) of the attack by Mendel and Thomsen in detail.
 <bibtex>
@@ Line 56: / Line 57: @@
 properties in the design principles of JH-512 which do not exist in other hash functions, e.g., the
 SHA-2 family.},
+}
+</bibtex>
+<bibtex>
+@misc{MT08,
+  author    = {Hongjun Wu},
+  title     = {The Complexity of Mendel and Thomsen's Preimage Attack on JH-512},
+  url = {http://ehash.iaik.tugraz.at/uploads/6/6f/Jh_mt_complexity.pdf},
+  howpublished = {Available online},
+  year = {2009},
+  abstract  = {Mendel and Thomsen gave a preimage attack on JH-512 by finding a preimage through the collision search over the space of $2^{1024} elements. However, they did not estimate the cost of the collision search which is the most expensive part in their attack. Our analysis shows that their attack requires at least $2^{510.3}$ compression function computations, $2^{510.6}$ memory ($2^{516.6}$ bytes), $2^{524}$ memory accesses and $2^{524}$ comparisons. Such complexity is far more expensive than brute force
+attack which requires $2^{512}$ compression function computations and almost no memory.},
 }
 </bibtex>

Difference between revisions of "JH"

Revision as of 14:39, 8 January 2009

1 The algorithm

2 Cryptanalysis

Navigation menu

Views

Personal tools

Navigation

Search

Tools