Difference between revisions of "Talk:The SHA-3 Zoo"
Line 14: | Line 14: | ||
Paulo. | Paulo. | ||
+ | |||
+ | Addendum: as far as I could tell, the overall structure of the currently known proposals <b>seems</b> to be the following (disclaimer: I may be completely mistaken in many cases):<br> | ||
+ | |||
+ | {| border="1" cellpadding="4" cellspacing="0" align="center" class="wikitable" | ||
+ | |- style="background:#efefef;" | ||
+ | ! width="150"| Hash Function Name !! width="150"| Status !! width="150"| [[External Cryptanalysis Categories| External Cryptanalysis]]!! width="150"| Tentative Classification | ||
+ | |- | ||
+ | | [[BLAKE]] || submitted || none || HAIFA/? | ||
+ | |- | ||
+ | | [[Blue Midnight Wish]] || submitted || none || sponge | ||
+ | |- | ||
+ | | [[Boole]] || submitted || yes || streaming | ||
+ | |- | ||
+ | | [[CHI]] || submitted || none || Merkle-Damgaard/Davies-Meyer | ||
+ | |- | ||
+ | | [[CRUNCH]] || submitted || none || sponge? | ||
+ | |- | ||
+ | | [[CubeHash]] || submitted || yes || sponge | ||
+ | |- | ||
+ | | [[Edon-R (SHA-3 submission)|Edon-R]] || submitted || yes || sponge? | ||
+ | |- | ||
+ | | [[EnRUPT]] || submitted || broken || streaming | ||
+ | |- | ||
+ | | [[ESSENCE]] || submitted || none || Merkle tree | ||
+ | |- | ||
+ | | [[FSB (SHA-3 submission) | FSB]] || submitted || none || sponge? | ||
+ | |- | ||
+ | | [[Fugue]] || submitted || none || sponge? | ||
+ | |- | ||
+ | | [[Groestl|Grøstl]] || submitted || none || sponge | ||
+ | |- | ||
+ | | [[HASH 2X]] || submitted || broken || streaming? | ||
+ | |- | ||
+ | | [[Keccak]] || submitted || none || sponge | ||
+ | |- | ||
+ | | [[Maraca]] || submitted || none || sponge? | ||
+ | |- | ||
+ | | [[MCSSHA-3]] || submitted || broken || streaming | ||
+ | |- | ||
+ | | [[MD6]] || submitted || yes || Merkle tree | ||
+ | |- | ||
+ | | [[NaSHA]] || submitted || none || sponge? | ||
+ | |- | ||
+ | | [[NKS2D]] || submitted || broken || cellular automaton | ||
+ | |- | ||
+ | | [[Ponic]] || submitted || none || streaming | ||
+ | |- | ||
+ | | [[Sarmal]] || submitted || none || HAIFA/Davies-Meyer | ||
+ | |- | ||
+ | | [[Sgàil]] || submitted || broken || Merkle-Damgaard/Davies-Meyer | ||
+ | |- | ||
+ | | [[SHAMATA]] || submitted || none || sponge | ||
+ | |- | ||
+ | | [[Skein]] || submitted || none || Merkle-Damgaard/UBI? | ||
+ | |- | ||
+ | | [[Spectral Hash]] || submitted || yes || Merkle-Damgaard/prism? | ||
+ | |- | ||
+ | | [[Vortex (SHA-3 submission)|Vortex]] || submitted || yes || Merkle-Damgaard/Vortex-block? | ||
+ | |- | ||
+ | | [[WaMM]] || submitted || broken || sponge | ||
+ | |- | ||
+ | | [[Waterfall]] || submitted || none || streaming | ||
+ | |} |
Revision as of 00:48, 19 November 2008
I'm thinking about introducing another column to the list of submissions to provide a rough, overall classification of the candidates (e.g. classical Merkle-Damgaard vs. HAIFA vs. sponge vs. tree-based vs. streaming vs. ...), motivated by private messages I've got comparing the current SHA-3 Zoo with my old hash lounge.
However, finding the most appropriate category for some submissions may be a tough task; paradigms may be so distorted as to be nearly unrecognizable. Still, other candidates exhibit a much more transparent structure, and I think this information may be useful (e.g. comparing submissions that fall on distinct categories may not be as fair as comparing functions that share a high-level structure).
Would such a modification be welcome to the SHA-3 Zoo contributors?
Paulo.
I think this would be a lot of effort for a relatively minor added value; as you observe, many candidates are likely to use "uncategorizable" modes of operations. How one would classify CubeHash? It has similarities with a sponge constructions, but is not a sponge in general. Also, both MD6 and ESSENCE have a tree construction, but with different arities, parameters, etc. Finding the best tradeoff precision/readability seems difficult...
JP
Well, I don't see it as too much effort -- for me at any rate; I'm not asking that somebody else do the hard work ☺. Rather, I think it's part of trying to understand how each submission works, and it could also suggest lines of attack (particularly where the actual functions deviate from previously analyzed constructions). Besides, in cases where the authors disagree of a tentative category it might shed new light on those authors' original intent.
Paulo.
Addendum: as far as I could tell, the overall structure of the currently known proposals seems to be the following (disclaimer: I may be completely mistaken in many cases):
Hash Function Name | Status | External Cryptanalysis | Tentative Classification |
---|---|---|---|
BLAKE | submitted | none | HAIFA/? |
Blue Midnight Wish | submitted | none | sponge |
Boole | submitted | yes | streaming |
CHI | submitted | none | Merkle-Damgaard/Davies-Meyer |
CRUNCH | submitted | none | sponge? |
CubeHash | submitted | yes | sponge |
Edon-R | submitted | yes | sponge? |
EnRUPT | submitted | broken | streaming |
ESSENCE | submitted | none | Merkle tree |
FSB | submitted | none | sponge? |
Fugue | submitted | none | sponge? |
Grøstl | submitted | none | sponge |
HASH 2X | submitted | broken | streaming? |
Keccak | submitted | none | sponge |
Maraca | submitted | none | sponge? |
MCSSHA-3 | submitted | broken | streaming |
MD6 | submitted | yes | Merkle tree |
NaSHA | submitted | none | sponge? |
NKS2D | submitted | broken | cellular automaton |
Ponic | submitted | none | streaming |
Sarmal | submitted | none | HAIFA/Davies-Meyer |
Sgàil | submitted | broken | Merkle-Damgaard/Davies-Meyer |
SHAMATA | submitted | none | sponge |
Skein | submitted | none | Merkle-Damgaard/UBI? |
Spectral Hash | submitted | yes | Merkle-Damgaard/prism? |
Vortex | submitted | yes | Merkle-Damgaard/Vortex-block? |
WaMM | submitted | broken | sponge |
Waterfall | submitted | none | streaming |