Difference between revisions of "LUX"

From The ECRYPT Hash Function Website
m
(Specification Update of LUX)
 
(6 intermediate revisions by 4 users not shown)
Line 7: Line 7:
  
 
<bibtex>
 
<bibtex>
@misc{sha3BiryukovKN,
+
@misc{sha3BiryukovKN08,
   author    = {Ivica Nikolić, Alex Biryukov, and Dmitry Khovratovich},
+
   author    = {Ivica Nikolić and Alex Biryukov and Dmitry Khovratovich},
 
   title    = {Hash family LUX - Algorithm Specifications and
 
   title    = {Hash family LUX - Algorithm Specifications and
 
Supporting Documentation},
 
Supporting Documentation},
Line 14: Line 14:
 
   howpublished = {Submission to NIST},
 
   howpublished = {Submission to NIST},
 
   year      = {2008},
 
   year      = {2008},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{sha3BiryukovKN09,
 +
  author    = {Ivica Nikolić and Alex Biryukov and Dmitry Khovratovich},
 +
  title    = {Specification Update of the Hash Family LUX},
 +
  url        = {http://ehash.iaik.tugraz.at/uploads/c/c6/LUXadd.pdf},
 +
  howpublished = {Available online (local link)},
 +
  year      = {2009},
 
}
 
}
 
</bibtex>
 
</bibtex>
Line 31: Line 41:
 
|-                     
 
|-                     
 
|  | free-start preimage || compression || ? ||  || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu]
 
|  | free-start preimage || compression || ? ||  || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu]
 +
|- 
 +
|  | distinguisher || hash|| all ||  || - || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu],[http://ehash.iaik.tugraz.at/uploads/7/78/Lux_nicky.txt Mouha]
 +
|-                 
 +
|  | distinguisher || reduced hash || 256 || 8 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad]
 +
|-                   
 +
|  | distinguisher || reduced hash || 512 || 9 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad]
 
|-                     
 
|-                     
 
|  | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin]
 
|  | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin]
|-                                    
+
|-    
 +
| style="background:orange"  | collision|| hash || 256 || || 2<sup>100</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe],[http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson]
 +
|-
 +
| style="background:orange"  | second preimage|| hash || 256 || || 2<sup>200</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe]
 +
|-
 +
| style="background:orange"  | collision|| hash || 512|| || 2<sup>228</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe],[http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson]
 +
|-
 +
| style="background:orange"  | second preimage|| hash || 512|| || 2<sup>456</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe]
 +
|- 
 +
|  | distinguisher || HMAC, DRBG|| all ||  || - || - || [http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson]
 +
|-                               
 
|}                     
 
|}                     
  
Line 47: Line 73:
 
   year      = {2008},
 
   year      = {2008},
 
   abstract  = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.},
 
   abstract  = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{luxS09,
 +
  author    = {Peter Schmidt-Nielsen},
 +
  title    = {A distinguisher for reduced-round LUX},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf},
 +
  howpublished = {NIST mailing list (local link)},
 +
  year = {2009},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{luxB09,
 +
  author    = {Tor E. Bjørstad},
 +
  title    = {A distinguisher for reduced-round LUX (source code)},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip},
 +
  howpublished = {NIST mailing list (local link)},
 +
  year = {2009},
 
}
 
}
 
</bibtex>
 
</bibtex>
Line 57: Line 103:
 
   howpublished = {NIST mailing list (local link)},
 
   howpublished = {NIST mailing list (local link)},
 
   year = {2008},
 
   year = {2008},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{luxD09,
 +
  author    = {Watanabe Dai},
 +
  title    = {OFFICIAL COMMENT: LUX},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt},
 +
  howpublished = {NIST mailing list (local link)},
 +
  year = {2009},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{luxF09,
 +
  author    = {Niels Ferguson},
 +
  title    = {RE: OFFICIAL COMMENT: LUX},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt},
 +
  howpublished = {NIST mailing list (local link)},
 +
  year = {2009},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{luxM09,
 +
  author    = {Nicky Mouha},
 +
  title    = {RE: OFFICIAL COMMENT: LUX},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/7/78/Lux_nicky.txt},
 +
  howpublished = {NIST mailing list (local link)},
 +
  year = {2009},
 
}
 
}
 
</bibtex>
 
</bibtex>

Latest revision as of 09:00, 5 May 2009

1 The algorithm


Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich - Hash family LUX - Algorithm Specifications and

Supporting Documentation

,2008
http://ehash.iaik.tugraz.at/uploads/f/f3/LUX.pdf
Bibtex
Author : Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich
Title : Hash family LUX - Algorithm Specifications and Supporting Documentation
In : -
Address :
Date : 2008

Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich - Specification Update of the Hash Family LUX

,2009
http://ehash.iaik.tugraz.at/uploads/c/c6/LUXadd.pdf
Bibtex
Author : Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich
Title : Specification Update of the Hash Family LUX
In : -
Address :
Date : 2009


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
collision reduced hash 224 3 blank rounds - - Wu,Feng,Wu
near-collision reduced hash 256 3 blank rounds - - Wu,Feng,Wu
free-start collision compression ? - - Wu,Feng,Wu
free-start preimage compression ? 280 - Wu,Feng,Wu
distinguisher hash all - - Wu,Feng,Wu,Mouha
distinguisher reduced hash 256 8 blank rounds example, 28 - Schmidt-Nielsen,Bjørstad
distinguisher reduced hash 512 9 blank rounds example, 28 - Schmidt-Nielsen,Bjørstad
slide-attack hash all salt size: 31 mod 32 - - Peyrin
collision hash 256 2100 - Watanabe,Ferguson
second preimage hash 256 2200 - Watanabe
collision hash 512 2228 - Watanabe,Ferguson
second preimage hash 512 2456 - Watanabe
distinguisher HMAC, DRBG all - - Ferguson

A description of this table is given here.


Shuang Wu, Dengguo Feng, Wenling Wu - Cryptanalysis of the Hash Function LUX-256

,2008
http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf
Bibtex
Author : Shuang Wu, Dengguo Feng, Wenling Wu
Title : Cryptanalysis of the Hash Function LUX-256
In : -
Address :
Date : 2008

Peter Schmidt-Nielsen - A distinguisher for reduced-round LUX

,2009
http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf
Bibtex
Author : Peter Schmidt-Nielsen
Title : A distinguisher for reduced-round LUX
In : -
Address :
Date : 2009

Tor E. Bjørstad - A distinguisher for reduced-round LUX (source code)

,2009
http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip
Bibtex
Author : Tor E. Bjørstad
Title : A distinguisher for reduced-round LUX (source code)
In : -
Address :
Date : 2009

Thomas Peyrin - Slide attacks on LUX

,2008
http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt
Bibtex
Author : Thomas Peyrin
Title : Slide attacks on LUX
In : -
Address :
Date : 2008

Watanabe Dai - OFFICIAL COMMENT: LUX

,2009
http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt
Bibtex
Author : Watanabe Dai
Title : OFFICIAL COMMENT: LUX
In : -
Address :
Date : 2009

Niels Ferguson - RE: OFFICIAL COMMENT: LUX

,2009
http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt
Bibtex
Author : Niels Ferguson
Title : RE: OFFICIAL COMMENT: LUX
In : -
Address :
Date : 2009

Nicky Mouha - RE: OFFICIAL COMMENT: LUX

,2009
http://ehash.iaik.tugraz.at/uploads/7/78/Lux_nicky.txt
Bibtex
Author : Nicky Mouha
Title : RE: OFFICIAL COMMENT: LUX
In : -
Address :
Date : 2009