Difference between revisions of "LUX"
From The ECRYPT Hash Function Website
m (Fixed BibTeX author field) |
Crechberger (talk | contribs) (Specification Update of LUX) |
||
(5 intermediate revisions by 4 users not shown) | |||
Line 7: | Line 7: | ||
<bibtex> | <bibtex> | ||
− | @misc{ | + | @misc{sha3BiryukovKN08, |
− | author = {Ivica | + | author = {Ivica Nikolić and Alex Biryukov and Dmitry Khovratovich}, |
title = {Hash family LUX - Algorithm Specifications and | title = {Hash family LUX - Algorithm Specifications and | ||
Supporting Documentation}, | Supporting Documentation}, | ||
Line 14: | Line 14: | ||
howpublished = {Submission to NIST}, | howpublished = {Submission to NIST}, | ||
year = {2008}, | year = {2008}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{sha3BiryukovKN09, | ||
+ | author = {Ivica Nikolić and Alex Biryukov and Dmitry Khovratovich}, | ||
+ | title = {Specification Update of the Hash Family LUX}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/c/c6/LUXadd.pdf}, | ||
+ | howpublished = {Available online (local link)}, | ||
+ | year = {2009}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
Line 31: | Line 41: | ||
|- | |- | ||
| | free-start preimage || compression || ? || || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu] | | | free-start preimage || compression || ? || || 2<sup>80</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu] | ||
+ | |- | ||
+ | | | distinguisher || hash|| all || || - || - || [http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf Wu,Feng,Wu],[http://ehash.iaik.tugraz.at/uploads/7/78/Lux_nicky.txt Mouha] | ||
+ | |- | ||
+ | | | distinguisher || reduced hash || 256 || 8 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad] | ||
+ | |- | ||
+ | | | distinguisher || reduced hash || 512 || 9 blank rounds || example, 2<sup>8</sup> || - || [http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf Schmidt-Nielsen],[http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip Bjørstad] | ||
|- | |- | ||
| | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin] | | | slide-attack || hash || all || salt size: 31 mod 32 || - || - || [http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt Peyrin] | ||
− | |- | + | |- |
+ | | style="background:orange" | collision|| hash || 256 || || 2<sup>100</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe],[http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson] | ||
+ | |- | ||
+ | | style="background:orange" | second preimage|| hash || 256 || || 2<sup>200</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe] | ||
+ | |- | ||
+ | | style="background:orange" | collision|| hash || 512|| || 2<sup>228</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe],[http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson] | ||
+ | |- | ||
+ | | style="background:orange" | second preimage|| hash || 512|| || 2<sup>456</sup> || - || [http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt Watanabe] | ||
+ | |- | ||
+ | | | distinguisher || HMAC, DRBG|| all || || - || - || [http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt Ferguson] | ||
+ | |- | ||
|} | |} | ||
Line 47: | Line 73: | ||
year = {2008}, | year = {2008}, | ||
abstract = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.}, | abstract = {LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of origin shift vector. We also give reduced blank round collision attack, free-start collision attack and free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has complexity of about 2^{80} and requires negligible memory.}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{luxS09, | ||
+ | author = {Peter Schmidt-Nielsen}, | ||
+ | title = {A distinguisher for reduced-round LUX}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf}, | ||
+ | howpublished = {NIST mailing list (local link)}, | ||
+ | year = {2009}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{luxB09, | ||
+ | author = {Tor E. Bjørstad}, | ||
+ | title = {A distinguisher for reduced-round LUX (source code)}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip}, | ||
+ | howpublished = {NIST mailing list (local link)}, | ||
+ | year = {2009}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
Line 57: | Line 103: | ||
howpublished = {NIST mailing list (local link)}, | howpublished = {NIST mailing list (local link)}, | ||
year = {2008}, | year = {2008}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{luxD09, | ||
+ | author = {Watanabe Dai}, | ||
+ | title = {OFFICIAL COMMENT: LUX}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt}, | ||
+ | howpublished = {NIST mailing list (local link)}, | ||
+ | year = {2009}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{luxF09, | ||
+ | author = {Niels Ferguson}, | ||
+ | title = {RE: OFFICIAL COMMENT: LUX}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt}, | ||
+ | howpublished = {NIST mailing list (local link)}, | ||
+ | year = {2009}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{luxM09, | ||
+ | author = {Nicky Mouha}, | ||
+ | title = {RE: OFFICIAL COMMENT: LUX}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/7/78/Lux_nicky.txt}, | ||
+ | howpublished = {NIST mailing list (local link)}, | ||
+ | year = {2009}, | ||
} | } | ||
</bibtex> | </bibtex> |
Latest revision as of 09:00, 5 May 2009
1 The algorithm
- Author(s): Ivica Nikolić, Alex Biryukov, and Dmitry Khovratovich
- Website: http://cryptolux.org/LUX
- NIST submission package: LUX.zip
Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich - Hash family LUX - Algorithm Specifications and
Supporting Documentation
- ,2008
- http://ehash.iaik.tugraz.at/uploads/f/f3/LUX.pdf
BibtexAuthor : Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich
Title : Hash family LUX - Algorithm Specifications and Supporting Documentation
In : -
Address :
Date : 2008
Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich - Specification Update of the Hash Family LUX
- ,2009
- http://ehash.iaik.tugraz.at/uploads/c/c6/LUXadd.pdf
BibtexAuthor : Ivica Nikolić, Alex Biryukov, Dmitry Khovratovich
Title : Specification Update of the Hash Family LUX
In : -
Address :
Date : 2009
2 Cryptanalysis
Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
collision | reduced hash | 224 | 3 blank rounds | - | - | Wu,Feng,Wu |
near-collision | reduced hash | 256 | 3 blank rounds | - | - | Wu,Feng,Wu |
free-start collision | compression | ? | - | - | Wu,Feng,Wu | |
free-start preimage | compression | ? | 280 | - | Wu,Feng,Wu | |
distinguisher | hash | all | - | - | Wu,Feng,Wu,Mouha | |
distinguisher | reduced hash | 256 | 8 blank rounds | example, 28 | - | Schmidt-Nielsen,Bjørstad |
distinguisher | reduced hash | 512 | 9 blank rounds | example, 28 | - | Schmidt-Nielsen,Bjørstad |
slide-attack | hash | all | salt size: 31 mod 32 | - | - | Peyrin |
collision | hash | 256 | 2100 | - | Watanabe,Ferguson | |
second preimage | hash | 256 | 2200 | - | Watanabe | |
collision | hash | 512 | 2228 | - | Watanabe,Ferguson | |
second preimage | hash | 512 | 2456 | - | Watanabe | |
distinguisher | HMAC, DRBG | all | - | - | Ferguson |
A description of this table is given here.
Shuang Wu, Dengguo Feng, Wenling Wu - Cryptanalysis of the Hash Function LUX-256
- ,2008
- http://ehash.iaik.tugraz.at/uploads/3/36/Analysis_LUX_1.pdf
BibtexAuthor : Shuang Wu, Dengguo Feng, Wenling Wu
Title : Cryptanalysis of the Hash Function LUX-256
In : -
Address :
Date : 2008
Peter Schmidt-Nielsen - A distinguisher for reduced-round LUX
- ,2009
- http://ehash.iaik.tugraz.at/uploads/3/3b/LUXATTACKNext.pdf
BibtexAuthor : Peter Schmidt-Nielsen
Title : A distinguisher for reduced-round LUX
In : -
Address :
Date : 2009
Tor E. Bjørstad - A distinguisher for reduced-round LUX (source code)
- ,2009
- http://ehash.iaik.tugraz.at/uploads/f/f9/LUXdistinguisher.zip
BibtexAuthor : Tor E. Bjørstad
Title : A distinguisher for reduced-round LUX (source code)
In : -
Address :
Date : 2009
Thomas Peyrin - Slide attacks on LUX
- ,2008
- http://ehash.iaik.tugraz.at/uploads/6/62/Lux_peyrin.txt
BibtexAuthor : Thomas Peyrin
Title : Slide attacks on LUX
In : -
Address :
Date : 2008
Watanabe Dai - OFFICIAL COMMENT: LUX
- ,2009
- http://ehash.iaik.tugraz.at/uploads/e/ec/Lux_dai.txt
BibtexAuthor : Watanabe Dai
Title : OFFICIAL COMMENT: LUX
In : -
Address :
Date : 2009
Niels Ferguson - RE: OFFICIAL COMMENT: LUX
- ,2009
- http://ehash.iaik.tugraz.at/uploads/2/21/Lux_niels.txt
BibtexAuthor : Niels Ferguson
Title : RE: OFFICIAL COMMENT: LUX
In : -
Address :
Date : 2009
Nicky Mouha - RE: OFFICIAL COMMENT: LUX