Difference between revisions of "RC4-HASH"
From The ECRYPT Hash Function Website
(→Best Known Results) |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Specification == | == Specification == | ||
− | + | * digest size: 8*k bits with 15 < k < 65 | |
− | * digest size: | + | * max. message length: < 2<sup>64</sup> |
− | * max. message length: < 2<sup>64</sup> | + | * compression function: based on RC4 |
− | * compression function: | ||
* Specification: | * Specification: | ||
− | --> | + | |
+ | <bibtex> | ||
+ | @inproceedings{indocryptChangGN06, | ||
+ | author = {Donghoon Chang and Kishan Chand Gupta and Mridul Nandi}, | ||
+ | title = {RC4-Hash: A New Hash Function Based on RC4}, | ||
+ | booktitle = {INDOCRYPT}, | ||
+ | year = {2006}, | ||
+ | pages = {80-94}, | ||
+ | url = {http://dx.doi.org/10.1007/11941378_7}, | ||
+ | editor = {Rana Barua and Tanja Lange}, | ||
+ | publisher = {Springer}, | ||
+ | series = {LNCS}, | ||
+ | volume = {4329}, | ||
+ | isbn = {3-540-49767-6}, | ||
+ | abstract = {In this paper, we propose a new hash function based on RC4 and we call it RC4-Hash. This proposed hash function produces variable length hash output from 16 bytes to 64 bytes. Our RC4-Hash has several advantages over many popularly known hash functions. Its efficiency is comparable with widely used known hash function (e.g., SHA-1). Seen in the light of recent attacks on MD4, MD5, SHA-0, SHA-1 and on RIPEMD, there is a serious need to consider other hash function design strategies. We present a concrete hash function design with completely new internal structure. The security analysis of RC4-Hash can be made in the view of the security analysis of RC4 (which is well studied) as well as the attacks on different hash functions. Our hash function is very simple and rules out all possible generic attacks. To the best of our knowledge, the design criteria of our hash function is different from all previously known hash functions. We believe our hash function to be secure and will appreciate security analysis and any other comments.}, | ||
+ | } | ||
+ | </bibtex> | ||
== Cryptanalysis == | == Cryptanalysis == | ||
Line 12: | Line 27: | ||
=== Best Known Results === | === Best Known Results === | ||
+ | |||
+ | Practical collision attack by Indesteege and Preneel for any digest length with an expected complexity of less than 2<sup>9</sup> compression function evaluations. | ||
---- | ---- | ||
Line 21: | Line 38: | ||
=== Collision Attacks === | === Collision Attacks === | ||
+ | |||
+ | <bibtex> | ||
+ | @inproceedings{iswIndesteegeP08, | ||
+ | author = {Sebastiaan Indesteege and Bart Preneel}, | ||
+ | title = {Collisions for RC4-Hash}, | ||
+ | booktitle = {ISC}, | ||
+ | year = {2008}, | ||
+ | pages = {355-366}, | ||
+ | abstract = {RC4-Hash is a variable digest length cryptographic hash function based on the design of the RC4 stream cipher. In this paper, we show that RC4-Hash is not collision resistant. Collisions for any digest length can be found with an expected effort of less than 2^9 compression function evaluations. This is extended to multicollisions for RC4-Hash. Finding a set of 2^k colliding messages has an expected cost of $2^7+k·2^8$ compression function evaluations. }, | ||
+ | url = {http://dx.doi.org/10.1007/978-3-540-85886-7_25}, | ||
+ | editor = {Tzong-Chen Wu and Chin-Laung Lei and Vincent Rijmen and Der-Tsai Lee}, | ||
+ | publisher = {Springer}, | ||
+ | series = {LNCS}, | ||
+ | volume = {5222}, | ||
+ | isbn = {978-3-540-85884-3}, | ||
+ | } | ||
+ | </bibtex> | ||
---- | ---- |
Latest revision as of 14:40, 10 November 2008
Contents
1 Specification
- digest size: 8*k bits with 15 < k < 65
- max. message length: < 264
- compression function: based on RC4
- Specification:
Donghoon Chang, Kishan Chand Gupta, Mridul Nandi - RC4-Hash: A New Hash Function Based on RC4
- INDOCRYPT 4329:80-94,2006
- http://dx.doi.org/10.1007/11941378_7
BibtexAuthor : Donghoon Chang, Kishan Chand Gupta, Mridul Nandi
Title : RC4-Hash: A New Hash Function Based on RC4
In : INDOCRYPT -
Address :
Date : 2006
2 Cryptanalysis
2.1 Best Known Results
Practical collision attack by Indesteege and Preneel for any digest length with an expected complexity of less than 29 compression function evaluations.
2.2 Generic Attacks
2.3 Collision Attacks
Sebastiaan Indesteege, Bart Preneel - Collisions for RC4-Hash
- ISC 5222:355-366,2008
- http://dx.doi.org/10.1007/978-3-540-85886-7_25
BibtexAuthor : Sebastiaan Indesteege, Bart Preneel
Title : Collisions for RC4-Hash
In : ISC -
Address :
Date : 2008