Difference between revisions of "Snefru-n"

From The ECRYPT Hash Function Website
(Specification)
(Preimage Attacks)
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
== Specification ==
 
== Specification ==
  
<!--
+
* digest size: 128 bits
* digest size: 160 bits
+
* max. message length: < 2<sup>384</sup> bits
* max. message length: < 2<sup>64</sup> bits
+
* compression function: 2/4/8 passes, 384-bit message block, 128-bit chaining variable
* compression function: 512-bit message block, 160-bit chaining variable
 
 
* Specification:  
 
* Specification:  
-->
 
  
 
<bibtex>
 
<bibtex>
 
@article{jocMerkle90,
 
@article{jocMerkle90,
 
   author    = {Ralph C. Merkle},
 
   author    = {Ralph C. Merkle},
   title    = {{A Fast Software One-Way Hash Function}},
+
   title    = {A Fast Software One-Way Hash Function},
 
   journal  = {J. Cryptology},
 
   journal  = {J. Cryptology},
 
   volume    = {3},
 
   volume    = {3},
Line 44: Line 42:
 
=== Preimage Attacks ===
 
=== Preimage Attacks ===
  
 +
<bibtex>
 +
@inproceedings{fseBiham08,
 +
  author    = {Eli Biham},
 +
  title    = {New Techniques for Cryptanalysis of Hash Functions and Improved Attacks on Snefru},
 +
  booktitle = {FSE},
 +
  year      = {2008},
 +
  pages    = {444-461},
 +
  abstract  = {In 1989-1990, two new hash functions were presented, Snefru and MD4. Snefru was soon broken by the newly introduced differential cryptanalysis, while MD4 remained unbroken for several more years. As a result, newer functions based on MD4, e.g., MD5 and SHA-1, became the de-facto and international standards. Following recent techniques of differential cryptanalysis for hash function, today we know that MD4 is even weaker than Snefru. In this paper we apply recent differential cryptanalysis techniques to Snefru, and devise new techniques that improve the attacks on Snefru further, including using generic attacks with differential cryptanalysis, and using virtual messages with second preimage attacks for finding preimages. Our results reduce the memory requirements of prior attacks to a negligible memory, and present a preimage of 2-pass Snefru. Finally, some observations on the padding schemes of Snefru and MD4 are discussed.},
 +
  url        = {http://dx.doi.org/10.1007/978-3-540-71039-4_28},
 +
  editor    = {Kaisa Nyberg},
 +
  publisher = {Springer},
 +
  series    = {LNCS},
 +
  volume    = {5086},
 +
  isbn      = {978-3-540-71038-7},
 +
}
 +
</bibtex>
  
 
----
 
----
  
 
=== Others ===
 
=== Others ===

Latest revision as of 11:33, 10 November 2008

1 Specification

  • digest size: 128 bits
  • max. message length: < 2384 bits
  • compression function: 2/4/8 passes, 384-bit message block, 128-bit chaining variable
  • Specification:

Ralph C. Merkle - A Fast Software One-Way Hash Function

J. Cryptology 3(1):43-58,1990
http://dx.doi.org/10.1007/BF00203968
Bibtex
Author : Ralph C. Merkle
Title : A Fast Software One-Way Hash Function
In : J. Cryptology -
Address :
Date : 1990

2 Cryptanalysis

2.1 Best Known Results


2.2 Generic Attacks


2.3 Collision Attacks


2.4 Second Preimage Attacks


2.5 Preimage Attacks

Eli Biham - New Techniques for Cryptanalysis of Hash Functions and Improved Attacks on Snefru

FSE 5086:444-461,2008
http://dx.doi.org/10.1007/978-3-540-71039-4_28
Bibtex
Author : Eli Biham
Title : New Techniques for Cryptanalysis of Hash Functions and Improved Attacks on Snefru
In : FSE -
Address :
Date : 2008

2.6 Others