Difference between revisions of "TIB3"

From The ECRYPT Hash Function Website
m
m (final version of paper added)
 
(6 intermediate revisions by 4 users not shown)
Line 3: Line 3:
 
* Author(s): Daniel Penazzi, Miguel Montes
 
* Author(s): Daniel Penazzi, Miguel Montes
 
* Website: [http://www.famaf.unc.edu.ar/~penazzi/tib3/ http://www.famaf.unc.edu.ar/~penazzi/tib3/]
 
* Website: [http://www.famaf.unc.edu.ar/~penazzi/tib3/ http://www.famaf.unc.edu.ar/~penazzi/tib3/]
* Specification:
+
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/TIB3.zip TIB3.zip]
 +
 
  
 
<bibtex>
 
<bibtex>
Line 9: Line 10:
 
   author    = {Miguel Montes and Daniel Penazzi},
 
   author    = {Miguel Montes and Daniel Penazzi},
 
   title    = {The TIB3 Hash},
 
   title    = {The TIB3 Hash},
   url        = {http://131002.net/blake/blake.pdf},
+
   url        = {http://www.famaf.unc.edu.ar/~penazzi/tib3/submitted/Supporting_Documentation/TIB3_Algorithm_Specification.pdf},
 
   howpublished = {Submission to NIST},
 
   howpublished = {Submission to NIST},
 
   year      = {2008},
 
   year      = {2008},
 
}
 
}
 
</bibtex>
 
</bibtex>
 +
 +
<bibtex>
 +
@misc{sha3TIB309,
 +
  author    = {Miguel Montes and Daniel Penazzi},
 +
  title    = {Tweak on TIB3},
 +
  url        = {http://www.famaf.unc.edu.ar/~penazzi/tib3/TweakofTIB3/Supporting_Documentation/TIB3_Tweak.pdf},
 +
  howpublished = {Available online},
 +
  year      = {2009},
 +
}
 +
</bibtex>
 +
  
 
== Cryptanalysis ==
 
== Cryptanalysis ==
  
* None yet
+
{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"                 
 +
|- style="background:#efefef;"                 
 +
|    Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference
 +
|-                                       
 +
|  | pseudo-collision || compression || all ||  || 2<sup>24</sup> || - || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer]
 +
|-                   
 +
|  style="background:greenyellow" | collision || hash || 256 ||  || 2<sup>122.5</sup> || 2<sup>53</sup> || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer]
 +
|-                   
 +
|  style="background:yellow" | collision || hash || 512 ||  || 2<sup>242</sup> || 2<sup>100</sup> || [https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055 Mendel,Schläffer]
 +
|-                                       
 +
|}                   
 +
 
 +
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
 +
 
 +
 
 +
<bibtex>
 +
@misc{iscMS09,
 +
  author    = {Florian Mendel and Martin Schläffer},
 +
  title    = {On Free-start Collisions and Collisions for TIB3},
 +
  url = {http://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055},
 +
  howpublished = {In Proceedings of ISC, Springer},
 +
  year = {2009},
 +
  abstract = {In this paper, we present free-start collisions for the TIB3 hash functions with a complexity of about $2^{32}$ compression function evaluations. By using message modification techniques the complexity can be further reduced to $2^{24}$. Furthermore, we show how to construct collisions for TIB3 slightly faster than brute force search using the fact that we can construct several (different) free-start collisions for the compression function. The complexity to construct collisions is about $2^{122.5}$ for TIB3-256 and $2^{242}$ for TIB3-512 with memory requirements of $2^{53}$ and $2^{100}$ respectively. The attack shows that compression function attacks have been underestimated in the design of TIB3. Although the practicality of the proposed attacks might be debatable, they nevertheless exhibit non-random properties that are not present in the SHA-2 family.}
 +
</bibtex>
 +
 
 +
 
 +
=== Archive ===
 +
 
 +
<bibtex>
 +
@misc{tib3MS09,
 +
  author    = {Florian Mendel and Martin Schläffer},
 +
  title    = {On Pseudo-Collisions and Collisions for TIB3},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/2/2b/Tib3-pseudo.pdf},
 +
  howpublished = {Available online},
 +
  year = {2009},
 +
  abstract = {In this paper, we present a pseudo-collision for TIB3 with a complexity of about $2^{32}$ compression function evaluations. By using message modification techniques the complexity can be further reduced. Furthermore, we show how to construct collisions for TIB3 slightly faster than brute force search using the fact that we can construct several (different) pseudo-collisions for the compression function. The complexity to construct collisions is about $2^{122.5}$ for TIB3-256 and $2^{244.5}$ for TIB3-512 with neglible memory requirements.
 +
This attack shows that compression function attacks have been underestimated in the design of TIB3. Although the practicality of the proposed attacks might be debatable, it nevertheless exhibits non-random properties that are not present in the SHA-2 family and opens the possibility for further improved attacks.}
 +
</bibtex>

Latest revision as of 18:18, 29 July 2009

1 The algorithm


Miguel Montes, Daniel Penazzi - The TIB3 Hash

,2008
http://www.famaf.unc.edu.ar/~penazzi/tib3/submitted/Supporting_Documentation/TIB3_Algorithm_Specification.pdf
Bibtex
Author : Miguel Montes, Daniel Penazzi
Title : The TIB3 Hash
In : -
Address :
Date : 2008

Miguel Montes, Daniel Penazzi - Tweak on TIB3

,2009
http://www.famaf.unc.edu.ar/~penazzi/tib3/TweakofTIB3/Supporting_Documentation/TIB3_Tweak.pdf
Bibtex
Author : Miguel Montes, Daniel Penazzi
Title : Tweak on TIB3
In : -
Address :
Date : 2009


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
pseudo-collision compression all 224 - Mendel,Schläffer
collision hash 256 2122.5 253 Mendel,Schläffer
collision hash 512 2242 2100 Mendel,Schläffer

A description of this table is given here.


Florian Mendel, Martin Schläffer - On Free-start Collisions and Collisions for TIB3

,2009
http://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=107055
Bibtex
Author : Florian Mendel, Martin Schläffer
Title : On Free-start Collisions and Collisions for TIB3
In : -
Address :
Date : 2009


2.1 Archive

Florian Mendel, Martin Schläffer - On Pseudo-Collisions and Collisions for TIB3

,2009
http://ehash.iaik.tugraz.at/uploads/2/2b/Tib3-pseudo.pdf
Bibtex
Author : Florian Mendel, Martin Schläffer
Title : On Pseudo-Collisions and Collisions for TIB3
In : -
Address :
Date : 2009
Retrieved from "https://ehash.iaik.tugraz.at/index.php?title=TIB3&oldid=3201"