Difference between revisions of "TIB3"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) m (final version of paper added) |
|||
(7 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
== The algorithm == | == The algorithm == | ||
− | * Author(s): Miguel Montes | + | * Author(s): Daniel Penazzi, Miguel Montes |
* Website: [http://www.famaf.unc.edu.ar/~penazzi/tib3/ http://www.famaf.unc.edu.ar/~penazzi/tib3/] | * Website: [http://www.famaf.unc.edu.ar/~penazzi/tib3/ http://www.famaf.unc.edu.ar/~penazzi/tib3/] | ||
− | * | + | * NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/TIB3.zip TIB3.zip] |
+ | |||
<bibtex> | <bibtex> | ||
Line 9: | Line 10: | ||
author = {Miguel Montes and Daniel Penazzi}, | author = {Miguel Montes and Daniel Penazzi}, | ||
title = {The TIB3 Hash}, | title = {The TIB3 Hash}, | ||
− | url = {http:// | + | url = {http://www.famaf.unc.edu.ar/~penazzi/tib3/submitted/Supporting_Documentation/TIB3_Algorithm_Specification.pdf}, |
howpublished = {Submission to NIST}, | howpublished = {Submission to NIST}, | ||
year = {2008}, | year = {2008}, | ||
} | } | ||
</bibtex> | </bibtex> | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{sha3TIB309, | ||
+ | author = {Miguel Montes and Daniel Penazzi}, | ||
+ | title = {Tweak on TIB3}, | ||
+ | url = {http://www.famaf.unc.edu.ar/~penazzi/tib3/TweakofTIB3/Supporting_Documentation/TIB3_Tweak.pdf}, | ||
+ | howpublished = {Available online}, | ||
+ | year = {2009}, | ||
+ | } | ||
+ | </bibtex> | ||
+ | |||
== Cryptanalysis == | == Cryptanalysis == | ||
− | + | {| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center" | |
+ | |- style="background:#efefef;" | ||
+ | | Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference | ||
+ | |- | ||
+ | | | pseudo-collision || compression || all || || 2<sup>24</sup> || - || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer] | ||
+ | |- | ||
+ | | style="background:greenyellow" | collision || hash || 256 || || 2<sup>122.5</sup> || 2<sup>53</sup> || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer] | ||
+ | |- | ||
+ | | style="background:yellow" | collision || hash || 512 || || 2<sup>242</sup> || 2<sup>100</sup> || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer] | ||
+ | |- | ||
+ | |} | ||
+ | |||
+ | A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here]. | ||
+ | |||
+ | |||
+ | <bibtex> | ||
+ | @misc{iscMS09, | ||
+ | author = {Florian Mendel and Martin Schläffer}, | ||
+ | title = {On Free-start Collisions and Collisions for TIB3}, | ||
+ | url = {http://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055}, | ||
+ | howpublished = {In Proceedings of ISC, Springer}, | ||
+ | year = {2009}, | ||
+ | abstract = {In this paper, we present free-start collisions for the TIB3 hash functions with a complexity of about $2^{32}$ compression function evaluations. By using message modification techniques the complexity can be further reduced to $2^{24}$. Furthermore, we show how to construct collisions for TIB3 slightly faster than brute force search using the fact that we can construct several (different) free-start collisions for the compression function. The complexity to construct collisions is about $2^{122.5}$ for TIB3-256 and $2^{242}$ for TIB3-512 with memory requirements of $2^{53}$ and $2^{100}$ respectively. The attack shows that compression function attacks have been underestimated in the design of TIB3. Although the practicality of the proposed attacks might be debatable, they nevertheless exhibit non-random properties that are not present in the SHA-2 family.} | ||
+ | </bibtex> | ||
+ | |||
+ | |||
+ | === Archive === | ||
+ | |||
+ | <bibtex> | ||
+ | @misc{tib3MS09, | ||
+ | author = {Florian Mendel and Martin Schläffer}, | ||
+ | title = {On Pseudo-Collisions and Collisions for TIB3}, | ||
+ | url = {http://ehash.iaik.tugraz.at/uploads/2/2b/Tib3-pseudo.pdf}, | ||
+ | howpublished = {Available online}, | ||
+ | year = {2009}, | ||
+ | abstract = {In this paper, we present a pseudo-collision for TIB3 with a complexity of about $2^{32}$ compression function evaluations. By using message modification techniques the complexity can be further reduced. Furthermore, we show how to construct collisions for TIB3 slightly faster than brute force search using the fact that we can construct several (different) pseudo-collisions for the compression function. The complexity to construct collisions is about $2^{122.5}$ for TIB3-256 and $2^{244.5}$ for TIB3-512 with neglible memory requirements. | ||
+ | This attack shows that compression function attacks have been underestimated in the design of TIB3. Although the practicality of the proposed attacks might be debatable, it nevertheless exhibits non-random properties that are not present in the SHA-2 family and opens the possibility for further improved attacks.} | ||
+ | </bibtex> |
Latest revision as of 18:18, 29 July 2009
1 The algorithm
- Author(s): Daniel Penazzi, Miguel Montes
- Website: http://www.famaf.unc.edu.ar/~penazzi/tib3/
- NIST submission package: TIB3.zip
Miguel Montes, Daniel Penazzi - The TIB3 Hash
- ,2008
- http://www.famaf.unc.edu.ar/~penazzi/tib3/submitted/Supporting_Documentation/TIB3_Algorithm_Specification.pdf
BibtexAuthor : Miguel Montes, Daniel Penazzi
Title : The TIB3 Hash
In : -
Address :
Date : 2008
Miguel Montes, Daniel Penazzi - Tweak on TIB3
- ,2009
- http://www.famaf.unc.edu.ar/~penazzi/tib3/TweakofTIB3/Supporting_Documentation/TIB3_Tweak.pdf
BibtexAuthor : Miguel Montes, Daniel Penazzi
Title : Tweak on TIB3
In : -
Address :
Date : 2009
2 Cryptanalysis
Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference |
pseudo-collision | compression | all | 224 | - | Mendel,Schläffer | |
collision | hash | 256 | 2122.5 | 253 | Mendel,Schläffer | |
collision | hash | 512 | 2242 | 2100 | Mendel,Schläffer |
A description of this table is given here.
Florian Mendel, Martin Schläffer - On Free-start Collisions and Collisions for TIB3
- ,2009
- http://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055
BibtexAuthor : Florian Mendel, Martin Schläffer
Title : On Free-start Collisions and Collisions for TIB3
In : -
Address :
Date : 2009
2.1 Archive
Florian Mendel, Martin Schläffer - On Pseudo-Collisions and Collisions for TIB3