Difference between revisions of "MD6"

Revision as of 14:27, 2 November 2008

Authors: Ron Rivest, Benjamin Agre, Daniel V. Bailey, Christopher Crutchfield, Yevgeniy Dodis, Kermin Elliott Fleming, Asif Khan, Jayant Krishnamurthy, Yuncheng Lin, Leo Reyzin, Emily Shen, Jim Sukha, Drew Sutherland, Eran Tromer, Yiqun Lisa Yin
Website: http://groups.csail.mit.edu/cis/md6/
Specification:

Ronald L. Rivest - The MD6 hash function -- A proposal to NIST for SHA-3

,2008

Author : Ronald L. Rivest
Title : The MD6 hash function -- A proposal to NIST for SHA-3
In : -
Address :
Date : 2008

Aumasson, Meier (mentioned in original proposal text): nonrandomness observed on a reduced version of the compression function with 18 rounds, instead of at least 80 in the original MD6.
Dinur, Shamir (mentioned in original proposal text): cube attack on a reduced version of the compression function with 15 rounds, instead of at least 80 in the original MD6.

Revision as of 17:57, 31 October 2008 (view source) Fmendel (talk \| contribs) (→‎Cryptanalysis) ← Older edit		Revision as of 14:27, 2 November 2008 (view source) JAumasson (talk \| contribs) (→‎Cryptanalysis) Newer edit →
Line 19:		Line 19:


−	* Aumasson, Meier: nonrandomness on the ~~18-round~~ compression function ~~(mentioned~~ in original ~~proposal text)~~.	+	* Aumasson, Meier (mentioned in original proposal text): nonrandomness observed on a reduced version of the compression function with 18 rounds, instead of at least 80 in the original MD6.
−	* Dinur, Shamir: cube attack on the ~~15-round~~ compression function ~~(mentioned~~ in original ~~proposal text)~~.	+	* Dinur, Shamir (mentioned in original proposal text): cube attack on a reduced version of the compression function with 15 rounds, instead of at least 80 in the original MD6.