Difference between revisions of "NaSHA"

From The ECRYPT Hash Function Website
m
m (New document on NaSHA added)
Line 2: Line 2:
  
 
* Author(s): Smile Markovski, Aleksandra Mileva
 
* Author(s): Smile Markovski, Aleksandra Mileva
* Website: [http://inf.ugd.edu.mk/images/stories/file/Mileva/Nasha.htm http://inf.ugd.edu.mk/images/stories/file/Mileva/Nasha.htm]
+
* Website: [http://inf.ugd.edu.mk/images/stories/file/Mileva/nasha_hf.html http://inf.ugd.edu.mk/images/stories/file/Mileva/nasha_hf.html]
 
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/NaSHA.zip NaSHA.zip]
 
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/NaSHA.zip NaSHA.zip]
  
Line 82: Line 82:
 
<bibtex>
 
<bibtex>
 
@misc{MarkovskiMDG-eprint:2009:034,
 
@misc{MarkovskiMDG-eprint:2009:034,
  author = {S. Markovski and A. Mileva and V. Dimitrova and D. Gligoroski},
+
  author = {Smile Markovski and Aleksandra Mileva and V. Dimitrova and Danilo Gligoroski},
 
  title  = {On a Conditional Collision Attack on NaSHA-512},
 
  title  = {On a Conditional Collision Attack on NaSHA-512},
 
  howpublished = {Cryptology ePrint Archive, Report 2009/034},
 
  howpublished = {Cryptology ePrint Archive, Report 2009/034},
Line 88: Line 88:
 
  url    = {http://eprint.iacr.org/2009/034.pdf},
 
  url    = {http://eprint.iacr.org/2009/034.pdf},
 
  abstract = {A collision attack on NaSHA-512 was proposed by L. Ji et al. The claimed complexity of the attack is $2^{192}$. The proposed attack is realized by using a suitable differential pattern. In this note we show that the correct result that can be inferred from their differential pattern is in fact a conditional one. It can be stated correctly as follows: A collision attack on NaSHA-512 of complexity $k=1,2,\dots,2^{320}$ can be performed with an unknown probability of success $p_k$, where $ 0\le p_1\le p_2\le p_{2^{320}}\le 1$. Consequently, the attack proposed by L. Ji et al. can be considered only as a direction how a possible collision attack on NaSHA-512 could be realized. The birthday attack remains the best possible attack on NaSHA-512.}
 
  abstract = {A collision attack on NaSHA-512 was proposed by L. Ji et al. The claimed complexity of the attack is $2^{192}$. The proposed attack is realized by using a suitable differential pattern. In this note we show that the correct result that can be inferred from their differential pattern is in fact a conditional one. It can be stated correctly as follows: A collision attack on NaSHA-512 of complexity $k=1,2,\dots,2^{320}$ can be performed with an unknown probability of success $p_k$, where $ 0\le p_1\le p_2\le p_{2^{320}}\le 1$. Consequently, the attack proposed by L. Ji et al. can be considered only as a direction how a possible collision attack on NaSHA-512 could be realized. The birthday attack remains the best possible attack on NaSHA-512.}
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@misc{MDD09,
 +
author = {Smile Markovski and Aleksandra Mileva and V. Dimitrova},
 +
title  = {On the Second Conditional Collision Attack on NaSHA-384/512},
 +
howpublished = {Available online},
 +
year  = {2009},
 +
url    = {http://inf.ugd.edu.mk/images/stories/file/Mileva/response.pdf},
 
}
 
}
 
</bibtex>
 
</bibtex>

Revision as of 15:30, 23 February 2009

1 The algorithm


Smile Markovski, Aleksandra Mileva - 2.B.1 Algorithm Specification

,2008
http://inf.ugd.edu.mk/images/stories/file/Mileva/part2b1.pdf
Bibtex
Author : Smile Markovski, Aleksandra Mileva
Title : 2.B.1 Algorithm Specification
In : -
Address :
Date : 2008


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
free-start collision compression all 232 ? Nikolić,Khovratovich
free-start preimage compression 224,256 ~2128 ? Nikolić,Khovratovich
free-start preimage compression 384,512 ~2256 ? Nikolić,Khovratovich
free-start collision compression all - - Ji,Liangyu,Xu
collision hash 512 2192 ? Ji,Liangyu,Xu
collision hash 384,512 2128 - Z. Li, D. Li

A description of this table is given here.


Ivica Nikolić, Dmitry Khovratovich - Free-start attacks on NaSHA

,2008
http://ehash.iaik.tugraz.at/uploads/3/33/Free-start_attacks_on_Nasha.pdf
Bibtex
Author : Ivica Nikolić, Dmitry Khovratovich
Title : Free-start attacks on NaSHA
In : -
Address :
Date : 2008

Li Ji, Xu Liangyu, Guan Xu - Collision attack on NaSHA-512

,2008
http://eprint.iacr.org/2008/519.pdf
Bibtex
Author : Li Ji, Xu Liangyu, Guan Xu
Title : Collision attack on NaSHA-512
In : -
Address :
Date : 2008

Zhimin Li, Daofeng Li - Collision Attack on NaSHA-384/512

,2009
http://eprint.iacr.org/2009/026.pdf
Bibtex
Author : Zhimin Li, Daofeng Li
Title : Collision Attack on NaSHA-384/512
In : -
Address :
Date : 2009

Smile Markovski, Aleksandra Mileva, V. Dimitrova, Danilo Gligoroski - On a Conditional Collision Attack on NaSHA-512

,2009
http://eprint.iacr.org/2009/034.pdf
Bibtex
Author : Smile Markovski, Aleksandra Mileva, V. Dimitrova, Danilo Gligoroski
Title : On a Conditional Collision Attack on NaSHA-512
In : -
Address :
Date : 2009

Smile Markovski, Aleksandra Mileva, V. Dimitrova - On the Second Conditional Collision Attack on NaSHA-384/512

,2009
http://inf.ugd.edu.mk/images/stories/file/Mileva/response.pdf
Bibtex
Author : Smile Markovski, Aleksandra Mileva, V. Dimitrova
Title : On the Second Conditional Collision Attack on NaSHA-384/512
In : -
Address :
Date : 2009