Difference between revisions of "PANAMA"

From The ECRYPT Hash Function Website
 
(Generic Attacks)
 
(9 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
== Specification ==
 
== Specification ==
  
<!--
+
* digest size: 256 bits
* digest size: 160 bits
+
* max. message length: arbitrary length
* max. message length: < 2<sup>64</sup> bits
+
* compression function: 256-bit message block, > 1 Kbyte chaining state
* compression function: 512-bit message block, 160-bit chaining variable
 
 
* Specification:  
 
* Specification:  
-->
+
 
 +
<bibtex>
 +
@inproceedings{fseDaemenC98,
 +
  author    = {Joan Daemen and Craig S. K. Clapp},
 +
  title    = {Fast Hashing and Stream Encryption with PANAMA},
 +
  pages    = {60-74},
 +
  url        = {http://link.springer.de/link/service/series/0558/bibs/1372/13720060.htm},
 +
  editor    = {Serge Vaudenay},
 +
  booktitle = {FSE},
 +
  publisher = {Springer},
 +
  series    = {LNCS},
 +
  volume    = {1372},
 +
  year      = {1998},
 +
  isbn      = {3-540-64265-X},
 +
  abstract  = {We present a cryptographic module that can be used both as a cryptographic hash function and as a stream cipher. High performance is achieved through a combination of low work-factor and a high degree of parallelism. Throughputs of 5.1 bits/cycle for the hashing mode and 4.7 bits/cycle for the stream cipher mode are demonstrated on a commercially available VLIW micro-processor.},
 +
}
 +
</bibtex>
  
 
== Cryptanalysis ==
 
== Cryptanalysis ==
Line 12: Line 27:
  
 
=== Best Known Results ===
 
=== Best Known Results ===
 +
 +
The best collision attack on PANAMA was presented by Daemen and Van Assche. The attack has a complexity of about attack 2<sup>6</sup> evaluations of the state updating function.
  
 
----
 
----
  
 
=== Generic Attacks ===
 
=== Generic Attacks ===
* [[GenericAttacksMerkleDamgaard| Generic Attacks on the Merkle-Damgaard Construction ]]
+
* PANAMA is not a design follwing the Merkle-Damgaard construction principle. [[GenericAttacksHash| Generic Attacks on Hash Functions]]
  
 
----
 
----
Line 22: Line 39:
 
=== Collision Attacks ===
 
=== Collision Attacks ===
  
 +
<bibtex>
 +
@inproceedings{fseDaemenA07,
 +
  author    = {Joan Daemen and Gilles Van Assche},
 +
  title    = {Producing Collisions for Panama, Instantaneously},
 +
  pages    = {1-18},
 +
  url        = {http://dx.doi.org/10.1007/978-3-540-74619-5_1},
 +
  editor    = {Alex Biryukov},
 +
  booktitle = {FSE},
 +
  publisher = {Springer},
 +
  series    = {LNCS},
 +
  volume    = {4593},
 +
  year      = {2007},
 +
  isbn      = {978-3-540-74617-1},
 +
  abstract  = {We present a practical attack on the Panama hash
 +
function that generates a collision in 2<sup>6</sup> evaluations of the state
 +
updating function. Our attack improves that of Rijmen and coworkers
 +
that had a complexity 2<sup>82</sup>, too high to produce a collision in practice.
 +
This improvement comes mainly from the use of techniques to transfer
 +
conditions on the state to message words instead of trying many message
 +
pairs and using the ones for which the conditions are satisfied. Our
 +
attack works for any arbitrary prefix message, followed by a pair of
 +
suffix messages with a given difference. We give an example of a collision
 +
and make the collision-generating program available. Our attack does not
 +
affect the Panama stream cipher, that is still unbroken to the best of our knowledge.},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@inproceedings{fseRijmenRPV01,
 +
  author    = {Vincent Rijmen and Bart Van Rompay and Bart Preneel and Joos Vandewalle},
 +
  title    = {Producing Collisions for PANAMA},
 +
  pages    = {37-51},
 +
  url        = {http://link.springer.de/link/service/series/0558/bibs/2355/23550037.htm},
 +
  editor    = {Mitsuru Matsui},
 +
  booktitle = {FSE},
 +
  publisher = {Springer},
 +
  series    = {LNCS},
 +
  volume    = {2355},
 +
  year      = {2002},
 +
  isbn      = {3-540-43869-6},
 +
  abstract  = {PANAMA is a cryptographic module that was presented at the FSE Workshop in ’98 by Joan Daemen and Craig Clapp. It can serve both as a stream cipher and as a cryptographic hash function, with a hash result of 256 bits. PANAMA achieves high performance (for large amounts of data) because of its inherent parallelism. We will analyse the security of PANAMA when used as a hash function, and demonstrate an attack able to find collisions much faster than by birthday attack. The computational complexity of our current attack is 2^82; the required amount of memory is negligible.},
 +
}
 +
</bibtex>
 
----
 
----
  

Latest revision as of 09:58, 12 March 2008

1 Specification

  • digest size: 256 bits
  • max. message length: arbitrary length
  • compression function: 256-bit message block, > 1 Kbyte chaining state
  • Specification:

Joan Daemen, Craig S. K. Clapp - Fast Hashing and Stream Encryption with PANAMA

FSE 1372:60-74,1998
http://link.springer.de/link/service/series/0558/bibs/1372/13720060.htm
Bibtex
Author : Joan Daemen, Craig S. K. Clapp
Title : Fast Hashing and Stream Encryption with PANAMA
In : FSE -
Address :
Date : 1998

2 Cryptanalysis

2.1 Best Known Results

The best collision attack on PANAMA was presented by Daemen and Van Assche. The attack has a complexity of about attack 26 evaluations of the state updating function.

2.2 Generic Attacks

2.3 Collision Attacks

Joan Daemen, Gilles Van Assche - Producing Collisions for Panama, Instantaneously

FSE 4593:1-18,2007
http://dx.doi.org/10.1007/978-3-540-74619-5_1
Bibtex
Author : Joan Daemen, Gilles Van Assche
Title : Producing Collisions for Panama, Instantaneously
In : FSE -
Address :
Date : 2007

Vincent Rijmen, Bart Van Rompay, Bart Preneel, Joos Vandewalle - Producing Collisions for PANAMA

FSE 2355:37-51,2002
http://link.springer.de/link/service/series/0558/bibs/2355/23550037.htm
Bibtex
Author : Vincent Rijmen, Bart Van Rompay, Bart Preneel, Joos Vandewalle
Title : Producing Collisions for PANAMA
In : FSE -
Address :
Date : 2002

2.4 Second Preimage Attacks

2.5 Preimage Attacks

2.6 Others

Retrieved from "https://ehash.iaik.tugraz.at/index.php?title=PANAMA&oldid=1936"