Difference between revisions of "MD6"
From The ECRYPT Hash Function Website
m (Added Khazaei/Meier results) |
Crechberger (talk | contribs) (33 rounds of the MD6 permutation) |
||
Line 27: | Line 27: | ||
| | key-recovery || reduced compression || || 15 rounds || ? || ? || [http://groups.csail.mit.edu/cis/md6/supmitted-2008-10-27/Supporting_Documentation/md6_report.pdf Dinur,Shamir] | | | key-recovery || reduced compression || || 15 rounds || ? || ? || [http://groups.csail.mit.edu/cis/md6/supmitted-2008-10-27/Supporting_Documentation/md6_report.pdf Dinur,Shamir] | ||
|- | |- | ||
− | | | non-randomness || reduced | + | | | non-randomness || reduced permutation|| || 30 rounds || ? || ? || [http://www.dagstuhl.de/Materials/index.en.phtml?09031#Khovratovich,Dimitry Khovratovich] |
+ | |- | ||
+ | | | non-randomness || reduced permutation|| || 33 rounds || ? || ? || [http://fse2009rump.cr.yp.to/fe1a0e11287a9864c1d897a3110ebaa2.pdf, Khovratovich] | ||
|- | |- | ||
| | collision || reduced compression || || 16 rounds || 2<sup>30</sup> || - || [http://ehash.iaik.tugraz.at/uploads/9/91/Khazaei_md6.txt Khazaei,Meier] | | | collision || reduced compression || || 16 rounds || 2<sup>30</sup> || - || [http://ehash.iaik.tugraz.at/uploads/9/91/Khazaei_md6.txt Khazaei,Meier] | ||
Line 80: | Line 82: | ||
I will also show how it worked in practice in a GUI-tool.}, | I will also show how it worked in practice in a GUI-tool.}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{md6K2, | ||
+ | author = {Dimitry Khovratovich}, | ||
+ | title = {Nonrandomness of the 33-round MD6}, | ||
+ | url = {http://fse2009rump.cr.yp.to/fe1a0e11287a9864c1d897a3110ebaa2.pdf}, | ||
+ | howpublished = {FSE 2009 rump session, slides only}, | ||
+ | year = {2009}, | ||
} | } | ||
</bibtex> | </bibtex> |
Latest revision as of 17:16, 3 March 2009
1 The algorithm
- Authors: Ron Rivest, Benjamin Agre, Daniel V. Bailey, Christopher Crutchfield, Yevgeniy Dodis, Kermin Elliott Fleming, Asif Khan, Jayant Krishnamurthy, Yuncheng Lin, Leo Reyzin, Emily Shen, Jim Sukha, Drew Sutherland, Eran Tromer, Yiqun Lisa Yin
- Website: http://groups.csail.mit.edu/cis/md6/
- NIST submission package: MD6.zip
Ronald L. Rivest - The MD6 hash function -- A proposal to NIST for SHA-3
- ,2008
- http://groups.csail.mit.edu/cis/md6/submitted-2008-10-27/Supporting_Documentation/md6_report.pdf
BibtexAuthor : Ronald L. Rivest
Title : The MD6 hash function -- A proposal to NIST for SHA-3
In : -
Address :
Date : 2008
2 Cryptanalysis
Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
non-randomness | reduced compression | 18 rounds | ? | ? | Aumasson,Meier | |
key-recovery | reduced compression | 15 rounds | ? | ? | Dinur,Shamir | |
non-randomness | reduced permutation | 30 rounds | ? | ? | Khovratovich | |
non-randomness | reduced permutation | 33 rounds | ? | ? | Khovratovich | |
collision | reduced compression | 16 rounds | 230 | - | Khazaei,Meier |
A description of this table is given here.
Jean-Philippe Aumasson, Willi Meier - Personal communication (nonrandomness on the reduced-round compression function)
- ,2008
- http://groups.csail.mit.edu/cis/md6/submitted-2008-10-27/Supporting_Documentation/md6_report.pdf
BibtexAuthor : Jean-Philippe Aumasson, Willi Meier
Title : Personal communication (nonrandomness on the reduced-round compression function)
In : -
Address :
Date : 2008
Itai Dinur, Adi Shamir - Personal communication (key recovery on the reduced-round compression function)
- ,2008
- http://groups.csail.mit.edu/cis/md6/submitted-2008-10-27/Supporting_Documentation/md6_report.pdf
BibtexAuthor : Itai Dinur, Adi Shamir
Title : Personal communication (key recovery on the reduced-round compression function)
In : -
Address :
Date : 2008
Dimitry Khovratovich - Gaussian cryptanalysis of hash functions: collisions,
preimages, distinguishers
- ,2009
- http://www.dagstuhl.de/Materials/index.en.phtml?09031#Khovratovich,%20Dimitry
BibtexAuthor : Dimitry Khovratovich
Title : Gaussian cryptanalysis of hash functions: collisions, preimages, distinguishers
In : -
Address :
Date : 2009
Dimitry Khovratovich - Nonrandomness of the 33-round MD6
- ,2009
- http://fse2009rump.cr.yp.to/fe1a0e11287a9864c1d897a3110ebaa2.pdf
BibtexAuthor : Dimitry Khovratovich
Title : Nonrandomness of the 33-round MD6
In : -
Address :
Date : 2009
Shahram Khazaei, Willi Meier - Collisions for 16-round MD6