Difference between revisions of "SIMD"

Revision as of 09:20, 29 April 2010

1 The algorithm

Author(s): Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque
Website: http://www.di.ens.fr/~leurent/simd.html
NIST submission package:
- round 1: SIMDUpdate.zip (old version: SIMD.zip)
- round 2: SIMD_Round2.zip

Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque - SIMD Is a Message Digest

,2009

http://www.di.ens.fr/~leurent/files/SIMD.pdf
Bibtex

Author : Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque
Title : SIMD Is a Message Digest
In : -
Address :
Date : 2009

Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque - SIMD Is a Message Digest

,2008

http://ehash.iaik.tugraz.at/uploads/4/4e/Simd.pdf
Bibtex

Author : Gaëtan Leurent, Charles Bouillaguet, Pierre-Alain Fouque
Title : SIMD Is a Message Digest
In : -
Address :
Date : 2008

2 Cryptanalysis

We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.

A description of the tables is given here.

Recommended security parameter: total number of steps = 32

2.1 Hash function

Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.

Type of Analysis	Hash Size (n)	Parameters	Compression Function Calls	Memory Requirements	Reference

2.2 Building blocks

Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.

Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).

Type of Analysis	Hash Function Part	Hash Size (n)	Parameters/Variants	Compression Function Calls	Memory Requirements	Reference
distinguisher	compression	512	12 steps	2²³⁶	-	Nikolić,Pieprzyk,Sokołowski,Steinfeld
distinguisher	compression	512	linear message exp., 24 steps	2⁴⁹⁷	-	Nikolić,Pieprzyk,Sokołowski,Steinfeld
distinguisher	compression	512	full (Round 1)	5*2^425.28	-	Mendel, Nad

Ivica Nikolić, Josef Pieprzyk, Przemysław Sokołowski, Ron Steinfeld - Rotational Cryptanalysis of (Modified) Versions of BMW and SIMD

,2010

https://cryptolux.org/mediawiki/uploads/0/07/Rotational_distinguishers_%28Nikolic%2C_Pieprzyk%2C_Sokolowski%2C_Steinfeld%29.pdf
Bibtex

Author : Ivica Nikolić, Josef Pieprzyk, Przemysław Sokołowski, Ron Steinfeld
Title : Rotational Cryptanalysis of (Modified) Versions of BMW and SIMD
In : -
Address :
Date : 2010

Florian Mendel, Tomislav Nad - A Distinguisher for the Compression Function of SIMD-512

INDOCRYPT 5922:219-232,2009

http://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=125658
Bibtex

Author : Florian Mendel, Tomislav Nad
Title : A Distinguisher for the Compression Function of SIMD-512
In : INDOCRYPT -
Address :
Date : 2009

@@ Line 35: / Line 35: @@
 A description of the tables is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
+Recommended security parameter: total number of steps = '''32'''
 === Hash function ===
 Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.
-Recommended security parameter: total number of steps = 32
 {| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"
@@ Line 56: / Line 55: @@
 Note that these results assume more direct control or access over some internal variables (aka. free-start, pseudo, compression function, block cipher, or permutation attacks).
-Recommended security parameter: total number of steps = 32
 {| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"
@@ Line 70: / Line 67: @@
 |-
 |}
 <bibtex>

Difference between revisions of "SIMD"

Revision as of 09:20, 29 April 2010

Contents

1 The algorithm

2 Cryptanalysis

2.1 Hash function

2.2 Building blocks

Navigation menu

Views

Personal tools

Navigation

Search

Tools