Difference between revisions of "LUX"
From The ECRYPT Hash Function Website
m |
Mschlaeffer (talk | contribs) (distinguisher by Schmidt-Nielsen added) |
||
| Line 31: | Line 31: | ||
|- | |- | ||
| | free-start preimage || compression || ? || || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu] | | | free-start preimage || compression || ? || || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu] | ||
| + | |- | ||
| + | | | distinguisher || reduced hash || 256 || 8 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad] | ||
| + | |- | ||
| + | | | distinguisher || reduced hash || 512 || 9 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad] | ||
|- | |- | ||
| | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin] | | | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin] | ||
| Line 47: | Line 51: | ||
year = {2008}, | year = {2008}, | ||
abstract = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.}, | abstract = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{luxS09, | ||
| + | author = {Peter Schmidt-Nielsen}, | ||
| + | title = {A distinguisher for reduced-round LUX}, | ||
| + | url = {http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf}, | ||
| + | howpublished = {NIST mailing list (local link)}, | ||
| + | year = {2009}, | ||
| + | } | ||
| + | </bibtex> | ||
| + | |||
| + | <bibtex> | ||
| + | @misc{luxB09, | ||
| + | author = {Tor E. Bjørstad}, | ||
| + | title = {A distinguisher for reduced-round LUX (source code)}, | ||
| + | url = {http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip}, | ||
| + | howpublished = {NIST mailing list (local link)}, | ||
| + | year = {2009}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
Revision as of 09:20, 9 April 2009
1 The algorithm
- Author(s): Ivica Nikolić, Alex Biryukov, and Dmitry Khovratovich
- Website: http://cryptolux.org/LUX
- NIST submission package: LUX.zip
Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich - Hash family LUX - Algorithm Specifications and
Supporting Documentation
- ,2008
- http://ehash.iaik.tugraz.at/uploads/f/f3/LUX.pdf
BibtexAuthor : Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich
Title : Hash family LUX - Algorithm Specifications and Supporting Documentation
In : -
Address :
Date : 2008
2 Cryptanalysis
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
| collision | reduced hash | 224 | 3 blank rounds | - | - | Wu,Feng,Wu |
| near-collision | reduced hash | 256 | 3 blank rounds | - | - | Wu,Feng,Wu |
| free-start collision | compression | ? | - | - | Wu,Feng,Wu | |
| free-start preimage | compression | ? | 280 | - | Wu,Feng,Wu | |
| distinguisher | reduced hash | 256 | 8 blank rounds | example, 28 | - | Schmidt-Nielsen,Bjørstad |
| distinguisher | reduced hash | 512 | 9 blank rounds | example, 28 | - | Schmidt-Nielsen,Bjørstad |
| slide-attack | hash | all | salt size: 31 mod 32 | - | - | Peyrin |
A description of this table is given here.
Shuang Wu, Dengguo Feng, Wenling Wu - Cryptanalysis of the Hash Function LUX-256
- ,2008
- http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf
BibtexAuthor : Shuang Wu, Dengguo Feng, Wenling Wu
Title : Cryptanalysis of the Hash Function LUX-256
In : -
Address :
Date : 2008
Peter Schmidt-Nielsen - A distinguisher for reduced-round LUX
- ,2009
- http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf
BibtexAuthor : Peter Schmidt-Nielsen
Title : A distinguisher for reduced-round LUX
In : -
Address :
Date : 2009
Tor E. Bjørstad - A distinguisher for reduced-round LUX (source code)
- ,2009
- http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip
BibtexAuthor : Tor E. Bjørstad
Title : A distinguisher for reduced-round LUX (source code)
In : -
Address :
Date : 2009
Thomas Peyrin - Slide attacks on LUX
