Difference between revisions of "LANE"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) (analysis updated) |
(→Cryptanalysis: added Naya-Plasencia results) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 4: | Line 4: | ||
* Website: [http://www.cosic.esat.kuleuven.be/lane/ http://www.cosic.esat.kuleuven.be/lane/] | * Website: [http://www.cosic.esat.kuleuven.be/lane/ http://www.cosic.esat.kuleuven.be/lane/] | ||
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/LANE.zip LANE.zip] | * NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/LANE.zip LANE.zip] | ||
| − | + | ||
<bibtex> | <bibtex> | ||
| Line 15: | Line 15: | ||
} | } | ||
</bibtex> | </bibtex> | ||
| + | |||
== Cryptanalysis == | == Cryptanalysis == | ||
| Line 21: | Line 22: | ||
|- style="background:#efefef;" | |- style="background:#efefef;" | ||
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference | | Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference | ||
| − | |- | + | |- |
| + | | semi-free-start collision || compression || 224,256 || 6 P-rounds || 2<sup>80</sup> || 2<sup>66</sup> || [http://eprint.iacr.org/20010/607.pdf Naya-Plasencia] | ||
| + | |- | ||
| + | | semi-free-start collision || compression || 512 || 8 P-rounds || 2<sup>224</sup> || 2<sup>64</sup> || [http://eprint.iacr.org/2010/607.pdf Naya-Plasencia] | ||
| + | |- | ||
| collision || hash || 384,512 || 3 P-rounds || 2<sup>94</sup> || 2<sup>133</sup> || [http://sac.ucalgary.ca/sites/sac.math.ucalgary.ca/files/u5/09_swu.pdf Wu,Feng,Wu] | | collision || hash || 384,512 || 3 P-rounds || 2<sup>94</sup> || 2<sup>133</sup> || [http://sac.ucalgary.ca/sites/sac.math.ucalgary.ca/files/u5/09_swu.pdf Wu,Feng,Wu] | ||
|- | |- | ||
| Line 36: | Line 41: | ||
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{cryptoeprint:2010:607, | ||
| + | author = {María Naya-Plasencia}, | ||
| + | title = {Scrutinizing rebound attacks: new algorithms for improving the complexities}, | ||
| + | howpublished = {Cryptology ePrint Archive, Report 2010/607}, | ||
| + | year = {2010}, | ||
| + | note = {\url{http://eprint.iacr.org/}}, | ||
| + | url = {http://eprint.iacr.org/2010/607.pdf}, | ||
| + | abstract = {Rebound attacks are a state-of-the-art analysis method for hash functions. These cryptanalysis methods are based on a well chosen differential path and have been applied to several hash functions from the SHA-3 competition, providing the best known analysis in these cases. In this paper we study rebound attacks in detail and find for a great number of cases, that complexities of existing attacks can be improved. This is done by determining problems that adapt optimally to the cryptanalytic situation, and by using better algorithms to follow the differential path. These improvements are essentially based on merging big lists in a more efficient way, as well as on new ideas on how to reduce the complexities. As a result, we introduce general purpose new algorithms for enabling further rebound analysis to be as performant as possible. We illustrate our new algorithms for real hash functions and demonstrate how to reduce the complexities of the best known analysis on five hash functions: JH, Grøstl, ECHO, Luffa and Lane (the first four are round two SHA-3 candidates).}, | ||
| + | } | ||
| + | </bibtex> | ||
<bibtex> | <bibtex> | ||
Latest revision as of 16:17, 7 December 2010
1 The algorithm
- Author(s): Sebastiaan Indesteege, Elena Andreeva, Christophe De Cannière, Orr Dunkelman, Emilia Käsper, Svetla Nikova, Bart Preneel, Elmar Tischhauser
- Website: http://www.cosic.esat.kuleuven.be/lane/
- NIST submission package: LANE.zip
Sebastiaan Indesteege - The LANE hash function
- ,2008
- http://www.cosic.esat.kuleuven.be/publications/article-1181.pdf
BibtexAuthor : Sebastiaan Indesteege
Title : The LANE hash function
In : -
Address :
Date : 2008
2 Cryptanalysis
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
| semi-free-start collision | compression | 224,256 | 6 P-rounds | 280 | 266 | Naya-Plasencia |
| semi-free-start collision | compression | 512 | 8 P-rounds | 2224 | 264 | Naya-Plasencia |
| collision | hash | 384,512 | 3 P-rounds | 294 | 2133 | Wu,Feng,Wu |
| semi-free-start collision | compression | 224,256 | 3 P-rounds | 262 | 269 | Wu,Feng,Wu |
| semi-free-start collision | compression | 384,512 | 3 P-rounds | 262 | 269 | Wu,Feng,Wu |
| semi-free-start collision | compression | 224,256 | 6 P-rounds | 296 | 288 | Matusiewicz,Naya-Plasencia,Nikolic,Sasaki,Schläffer |
| semi-free-start collision | compression | 512 | 8 P-rounds | 2224 | 2128 | Matusiewicz,Naya-Plasencia,Nikolic,Sasaki,Schläffer |
A description of this table is given here.
María Naya-Plasencia - Scrutinizing rebound attacks: new algorithms for improving the complexities
- ,2010
- http://eprint.iacr.org/2010/607.pdf
BibtexAuthor : María Naya-Plasencia
Title : Scrutinizing rebound attacks: new algorithms for improving the complexities
In : -
Address :
Date : 2010
Shuang Wu, Dengguo Feng, Wenling Wu - Cryptanalysis of the LANE Hash Function
- ,2009
- http://sac.ucalgary.ca/sites/sac.math.ucalgary.ca/files/u5/09_swu.pdf
BibtexAuthor : Shuang Wu, Dengguo Feng, Wenling Wu
Title : Cryptanalysis of the LANE Hash Function
In : -
Address :
Date : 2009
Krystian Matusiewicz, Maria Naya-Plasencia, Ivica Nikolic, Yu Sasaki, Martin Schläffer - Rebound Attack on the Full LANE Compression Function
