Difference between revisions of "LAKE"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) |
(→Best Known Results) |
||
| (8 intermediate revisions by one other user not shown) | |||
| Line 4: | Line 4: | ||
* max. message length: < 2<sup>64</sup> bits | * max. message length: < 2<sup>64</sup> bits | ||
* compression function: 512-bit message block, 512,1024-bit chaining variable | * compression function: 512-bit message block, 512,1024-bit chaining variable | ||
| − | * Specification: | + | * Specification: |
| + | |||
| + | <bibtex> | ||
| + | @inproceedings{fseAumassonMP08, | ||
| + | author = {Jean-Philippe Aumasson and Willi Meier and Raphael C.-W. Phan}, | ||
| + | title = {The Hash Function Family LAKE}, | ||
| + | booktitle = {FSE}, | ||
| + | year = {2008}, | ||
| + | pages = {36-53}, | ||
| + | url = {http://dx.doi.org/10.1007/978-3-540-71039-4_3}, | ||
| + | editor = {Kaisa Nyberg}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {5086}, | ||
| + | isbn = {978-3-540-71038-7}, | ||
| + | abstract = {This paper advocates a new hash function family based on the HAIFA framework, inheriting built-in randomized hashing and higher security guarantees than the Merkle-Damgard construction against generic attacks. The family has as its special design features: a nested feedforward mechanism and an internal wide-pipe construction within the compression function. As examples, we give two proposed instances that compute 256- and 512-bit digests, with a 8- and 10-round compression function respectively.}, | ||
| + | } | ||
| + | </bibtex> | ||
== Cryptanalysis == | == Cryptanalysis == | ||
| Line 10: | Line 27: | ||
=== Best Known Results === | === Best Known Results === | ||
| + | |||
| + | Collision Attack for LAKE-256 reduced to 4 (out of 8) rounds with complexity of 2<sup>109</sup>. | ||
---- | ---- | ||
| Line 19: | Line 38: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| − | + | <bibtex> | |
| + | @inproceedings{acispMendelS08, | ||
| + | author = {Florian Mendel and Martin Schl{\"a}ffer}, | ||
| + | title = {Collisions for Round-Reduced LAKE}, | ||
| + | booktitle = {ACISP}, | ||
| + | year = {2008}, | ||
| + | pages = {267-281}, | ||
| + | url = {http://www.springerlink.com/content/882420671673224r/}, | ||
| + | editor = {Yi Mu and Willy Susilo and Jennifer Seberry}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {5107}, | ||
| + | isbn = {978-3-540-69971-2}, | ||
| + | abstract = {LAKE is a family of cryptographic hash functions presented at FSE 2008. It is an iterated hash function and defines two main instances with a 256 bit and 512 bit hash value. In this paper, we present the first security analysis of LAKE. We show how collision attacks, exploiting the non-bijectiveness of the internal compression function of LAKE, can be mounted on reduced variants of LAKE. We show an efficient attack on the 256 bit hash function LAKE-256 reduced to 3 rounds and present an actual colliding message pair. Furthermore, we present a theoretical attack on LAKE-256 reduced to 4 rounds with a complexity of $2^{109}$. By using more sophisticated message modification techniques we expect that the attack can be extended to 5 rounds. However, for the moment our approach does not appear to be applicable to the full LAKE-256 hash function (with all 8 rounds).}, | ||
| + | } | ||
| + | </bibtex> | ||
---- | ---- | ||
Latest revision as of 16:47, 3 November 2008
Contents
1 Specification
- digest size: 256,512 bits
- max. message length: < 264 bits
- compression function: 512-bit message block, 512,1024-bit chaining variable
- Specification:
Jean-Philippe Aumasson, Willi Meier, Raphael C.-W. Phan - The Hash Function Family LAKE
- FSE 5086:36-53,2008
- http://dx.doi.org/10.1007/978-3-540-71039-4_3
BibtexAuthor : Jean-Philippe Aumasson, Willi Meier, Raphael C.-W. Phan
Title : The Hash Function Family LAKE
In : FSE -
Address :
Date : 2008
2 Cryptanalysis
2.1 Best Known Results
Collision Attack for LAKE-256 reduced to 4 (out of 8) rounds with complexity of 2109.
2.2 Generic Attacks
2.3 Collision Attacks
Florian Mendel, Martin Schl\"affer - Collisions for Round-Reduced LAKE
- ACISP 5107:267-281,2008
- http://www.springerlink.com/content/882420671673224r/
BibtexAuthor : Florian Mendel, Martin Schl\"affer
Title : Collisions for Round-Reduced LAKE
In : ACISP -
Address :
Date : 2008
