Difference between revisions of "The SHA-3 Zoo"
(DCH, Khichidi-1, MeshHash, and Tangle conceded broken according to http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/submissions_rnd1.html) |
|||
Line 35: | Line 35: | ||
| [[CubeHash]] || Daniel J. Bernstein || style="background:greenyellow" | preimage || | | [[CubeHash]] || Daniel J. Bernstein || style="background:greenyellow" | preimage || | ||
|- | |- | ||
− | |||
− | |||
| [[Dynamic SHA]] || Xu Zijie || || length-extension | | [[Dynamic SHA]] || Xu Zijie || || length-extension | ||
|- | |- | ||
Line 62: | Line 60: | ||
|- | |- | ||
| [[Keccak]] || The Keccak Team || || | | [[Keccak]] || The Keccak Team || || | ||
− | |||
− | |||
|- | |- | ||
| [[LANE]] || Sebastiaan Indesteege || || | | [[LANE]] || Sebastiaan Indesteege || || | ||
Line 76: | Line 72: | ||
|- | |- | ||
| [[MD6]] || Ronald L. Rivest || || | | [[MD6]] || Ronald L. Rivest || || | ||
− | |||
− | |||
|- | |- | ||
| [[NaSHA]] || Smile Markovski || style="background:yellow" | collision || | | [[NaSHA]] || Smile Markovski || style="background:yellow" | collision || | ||
Line 102: | Line 96: | ||
|- | |- | ||
| [[SWIFFTX]] || Daniele Micciancio || || | | [[SWIFFTX]] || Daniele Micciancio || || | ||
− | |||
− | |||
|- | |- | ||
| [[TIB3]] || Daniel Penazzi || || | | [[TIB3]] || Daniel Penazzi || || | ||
Line 122: | Line 114: | ||
| [[Boole]] || Greg Rose || conceded broken || style="background:red" | collision | | [[Boole]] || Greg Rose || conceded broken || style="background:red" | collision | ||
|- | |- | ||
+ | | [[DCH]] || David A. Wilson || conceded broken || style="background:red" | collision | ||
+ | |- | ||
| [[HASH 2X]] || Jason Lee || not in round 1 || style="background:red" | 2nd-preimage | | [[HASH 2X]] || Jason Lee || not in round 1 || style="background:red" | 2nd-preimage | ||
+ | |- | ||
+ | | [[Khichidi-1]] || M. Vidyasagar || conceded broken || style="background:red" | collision | ||
|- | |- | ||
| [[Maraca]] || Robert J. Jenkins || not in round 1 || style="background:yellow" | collision | | [[Maraca]] || Robert J. Jenkins || not in round 1 || style="background:yellow" | collision | ||
+ | |- | ||
+ | | [[MeshHash]] || Björn Fay || conceded broken || style="background:orange" | 2nd preimage | ||
|- | |- | ||
| [[NKS2D]] || Geoffrey Park || not in round 1 || style="background:red" | collision | | [[NKS2D]] || Geoffrey Park || not in round 1 || style="background:red" | collision | ||
|- | |- | ||
| [[Ponic]] || Peter Schmidt-Nielsen || not in round 1 || style="background:yellow" | 2nd-preimage | | [[Ponic]] || Peter Schmidt-Nielsen || not in round 1 || style="background:yellow" | 2nd-preimage | ||
+ | |- | ||
+ | | [[Tangle]] || Rafael Alvarez || conceded broken || style="background:red" | collision | ||
|- | |- | ||
| [[WaMM]] || John Washburn || conceded broken || style="background:red" | collision | | [[WaMM]] || John Washburn || conceded broken || style="background:red" | collision |
Revision as of 15:24, 8 January 2009
The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the SHA-3 contest (see also here). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all SHA-3 submitters is also available. For a software performance related overview, see eBASH. At a separate page, we also collect hardware implementation results of the candidates. Another categorization of the SHA-3 submissions can be found here.
The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in Cryptanalysis Categories.
At this time, 55 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to the first round. So far, 3 out of 51 first round candidates have been officially conceded broken or withdrawn by the designers.
The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages. A description of the main table is given here.
Recent updates of the SHA-3 Zoo
Hash Name | Principal Submitter | Best Attack on Main NIST Requirements | Best Attack on other Hash Requirements |
---|---|---|---|
Abacus | Neil Sholer | 2nd-preimage | |
ARIRANG | Jongin Lim | ||
AURORA | Masahiro Fujita | ||
BLAKE | Jean-Philippe Aumasson | ||
Blender | Colin Bradbury | preimage | |
Blue Midnight Wish | Svein Johan Knapskog | ||
Cheetah | Dmitry Khovratovich | length-extension | |
CHI | Phillip Hawkes | ||
CRUNCH | Jacques Patarin | ||
CubeHash | Daniel J. Bernstein | preimage | |
Dynamic SHA | Xu Zijie | length-extension | |
Dynamic SHA2 | Xu Zijie | length-extension | |
ECHO | Henri Gilbert | ||
ECOH | Daniel R. L. Brown | ||
Edon-R | Danilo Gligoroski | preimage | |
EnRUPT | Sean O’Neil | collision | |
ESSENCE | Jason Worth Martin | ||
FSB | Matthieu Finiasz | ||
Fugue | Charanjit S. Jutla | ||
Grøstl | Lars R. Knudsen | ||
Hamsi | Ozgul Kucuk | ||
JH | Hongjun Wu | preimage | |
Keccak | The Keccak Team | ||
LANE | Sebastiaan Indesteege | ||
Lesamnta | Hirotaka Yoshida | ||
Luffa | Dai Watanabe | ||
LUX | Ivica Nikolic | ||
MCSSHA-3 | Mikhail Maslennikov | collision | |
MD6 | Ronald L. Rivest | ||
NaSHA | Smile Markovski | collision | |
SANDstorm | Rich Schroeppel | ||
Sarmal | Kerem Varici | preimage | |
Sgàil | Peter Maxwell | collision | |
Shabal | Jean-Francois Misarsky | ||
SHAMATA | Orhun Kara | ||
SHAvite-3 | Orr Dunkelman | ||
SIMD | Gaetan Leurent | ||
Skein | Bruce Schneier | ||
Spectral Hash | Cetin Kaya Koc | ||
StreamHash | Michal Trojnara | collision | |
SWIFFTX | Daniele Micciancio | ||
TIB3 | Daniel Penazzi | ||
Twister | Michael Gorski | 2nd preimage | |
Vortex | Michael Kounavis | preimage |
The following hash functions have been submitted to the NIST competition but did not advance to the first round or have been conceded broken by the designers:
Hash Name | Principal Submitter | Status | Best Attack on Main NIST Requirements |
---|---|---|---|
Boole | Greg Rose | conceded broken | collision |
DCH | David A. Wilson | conceded broken | collision |
HASH 2X | Jason Lee | not in round 1 | 2nd-preimage |
Khichidi-1 | M. Vidyasagar | conceded broken | collision |
Maraca | Robert J. Jenkins | not in round 1 | collision |
MeshHash | Björn Fay | conceded broken | 2nd preimage |
NKS2D | Geoffrey Park | not in round 1 | collision |
Ponic | Peter Schmidt-Nielsen | not in round 1 | 2nd-preimage |
Tangle | Rafael Alvarez | conceded broken | collision |
WaMM | John Washburn | conceded broken | collision |
Waterfall | Bob Hattersley | conceded broken | collision |
Your analysis is not mentioned? Drop a line at sha3zoo@iaik.tugraz.at to let us know!