Difference between revisions of "The SHA-3 Zoo"
m |
Mschlaeffer (talk | contribs) |
||
| Line 1: | Line 1: | ||
The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the [http://www.nist.gov/hash-competition SHA-3 contest] (see also [http://en.wikipedia.org/wiki/SHA-3 here]). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all [[SHA-3 submitters]] is also available. For a software performance related overview, see [http://bench.cr.yp.to/ebash.html eBASH]. At a separate page, we also collect [[SHA-3_Hardware_Implementations | hardware implementation results]] of the candidates. Another categorization of the SHA-3 submissions can be found [http://eprint.iacr.org/2008/511.pdf here]. | The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the [http://www.nist.gov/hash-competition SHA-3 contest] (see also [http://en.wikipedia.org/wiki/SHA-3 here]). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all [[SHA-3 submitters]] is also available. For a software performance related overview, see [http://bench.cr.yp.to/ebash.html eBASH]. At a separate page, we also collect [[SHA-3_Hardware_Implementations | hardware implementation results]] of the candidates. Another categorization of the SHA-3 submissions can be found [http://eprint.iacr.org/2008/511.pdf here]. | ||
| − | + | ||
The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in [[Cryptanalysis Categories]]. | The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in [[Cryptanalysis Categories]]. | ||
| − | At this time, 56 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/index.html round 1] | + | At this time, 56 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/index.html round 1], 14 submissions have made it into [http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/index.html round 2] and 5 candidates have been selected for the [http://csrc.nist.gov/groups/ST/hash/sha-3/Round3/index.html final]. |
The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages. A description of the main table is given [[Cryptanalysis_Categories#Main_Cryptanalysis_Table | here]]. | The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages. A description of the main table is given [[Cryptanalysis_Categories#Main_Cryptanalysis_Table | here]]. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| Line 31: | Line 27: | ||
|} | |} | ||
| + | |||
| + | [http://ehash.iaik.tugraz.at/index.php?title=Special:Recentchangeslinked&target=The_SHA-3_Zoo&days=7&limit=50&hideminor=1 Recent updates of the SHA-3 Zoo] | ||
| + | |||
| + | Your analysis is not mentioned? Drop a line at sha3zoo@iaik.tugraz.at to let us know! | ||
| + | |||
| + | <font color=red>Call for contribution:</font> | ||
| + | A subgroup of STVL in ECRYPT2 started working on an Ecrypt report on the status of the SHA-3 finalists. The report will contain a survey of the results published on the finalists. If you recently obtained new results, which are not public yet and you want to see them included in the report, please contact vincent.rijmen@iaik.tugraz.at . | ||
| Line 162: | Line 165: | ||
| [[ZK-Crypt]] || Carmi Gressel || not in round 1 || || | | [[ZK-Crypt]] || Carmi Gressel || not in round 1 || || | ||
|} | |} | ||
| − | |||
| − | |||
| − | |||
| − | |||
Revision as of 10:08, 30 March 2011
The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the SHA-3 contest (see also here). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all SHA-3 submitters is also available. For a software performance related overview, see eBASH. At a separate page, we also collect hardware implementation results of the candidates. Another categorization of the SHA-3 submissions can be found here.
The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in Cryptanalysis Categories.
At this time, 56 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to round 1, 14 submissions have made it into round 2 and 5 candidates have been selected for the final.
The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages. A description of the main table is given here.
The 5 finalists of the SHA-3 competition are:
| Hash Name | Principal Submitter | Best Attack on Main NIST Requirements | Best Attack on other Hash Requirements |
|---|---|---|---|
| BLAKE | Jean-Philippe Aumasson | ||
| Grøstl | Lars R. Knudsen | ||
| JH | Hongjun Wu | preimage | |
| Keccak | The Keccak Team | ||
| Skein | Bruce Schneier |
Recent updates of the SHA-3 Zoo
Your analysis is not mentioned? Drop a line at sha3zoo@iaik.tugraz.at to let us know!
Call for contribution: A subgroup of STVL in ECRYPT2 started working on an Ecrypt report on the status of the SHA-3 finalists. The report will contain a survey of the results published on the finalists. If you recently obtained new results, which are not public yet and you want to see them included in the report, please contact vincent.rijmen@iaik.tugraz.at .
The following SHA-3 candidates advanced to round 2 but did not get into the final:
Round 2 tweaks for all candidates
| Hash Name | Principal Submitter | Best Attack on Main NIST Requirements | Best Attack on other Hash Requirements |
|---|---|---|---|
| Blue Midnight Wish | Svein Johan Knapskog | ||
| CubeHash | Daniel J. Bernstein | preimage | |
| ECHO | Henri Gilbert | ||
| Fugue | Charanjit S. Jutla | ||
| Hamsi | Özgül Küçük | ||
| Luffa | Dai Watanabe | ||
| Shabal | Jean-François Misarsky | ||
| SHAvite-3 | Orr Dunkelman | ||
| SIMD | Gaëtan Leurent |
The following submitted hash functions have not advanced to round 2:
| Hash Name | Principal Submitter | Status | Best Attack on Main NIST Requirements | Best Attack on other Hash Requirements |
|---|---|---|---|---|
| Abacus | Neil Sholer | in round 1 | 2nd-preimage | |
| ARIRANG | Jongin Lim | in round 1 | ||
| AURORA | Masahiro Fujita | in round 1 | 2nd preimage | |
| Blender | Colin Bradbury | in round 1 | collision, preimage | near-collision |
| Boole | Greg Rose | in round 1 | collision | |
| Cheetah | Dmitry Khovratovich | in round 1 | length-extension | |
| CHI | Phillip Hawkes | in round 1 | ||
| CRUNCH | Jacques Patarin | in round 1 | length-extension | |
| DCH | David A. Wilson | in round 1 | collision | |
| Dynamic SHA | Xu Zijie | in round 1 | collision | length-extension |
| Dynamic SHA2 | Xu Zijie | in round 1 | collision | length-extension |
| ECOH | Daniel R. L. Brown | in round 1 | 2nd preimage | |
| Edon-R | Danilo Gligoroski | in round 1 | preimage | |
| EnRUPT | Sean O'Neil | in round 1 | collision | |
| ESSENCE | Jason Worth Martin | in round 1 | collision | |
| FSB | Matthieu Finiasz | in round 1 | ||
| HASH 2X | Jason Lee | not in round 1 | 2nd-preimage | |
| Khichidi-1 | M. Vidyasagar | in round 1 | collision | |
| LANE | Sebastiaan Indesteege | in round 1 | ||
| Lesamnta | Hirotaka Yoshida | in round 1 | ||
| LUX | Ivica Nikolić | in round 1 | collision, 2nd preimage | DRBG,HMAC |
| Maraca | Robert J. Jenkins | not in round 1 | preimage | |
| MCSSHA-3 | Mikhail Maslennikov | in round 1 | 2nd preimage | |
| MD6 | Ronald L. Rivest | in round 1 | ||
| MeshHash | Björn Fay | in round 1 | 2nd preimage | |
| NaSHA | Smile Markovski | in round 1 | collision | |
| NKS2D | Geoffrey Park | not in round 1 | collision | |
| Ponic | Peter Schmidt-Nielsen | not in round 1 | 2nd-preimage | |
| SANDstorm | Rich Schroeppel | in round 1 | ||
| Sarmal | Kerem Varıcı | in round 1 | preimage | |
| Sgàil | Peter Maxwell | in round 1 | collision | |
| SHAMATA | Orhun Kara | in round 1 | collision | |
| Spectral Hash | Çetin Kaya Koç | in round 1 | collision | |
| StreamHash | Michal Trojnara | in round 1 | collision | |
| SWIFFTX | Daniele Micciancio | in round 1 | ||
| Tangle | Rafael Alvarez | in round 1 | collision | |
| TIB3 | Daniel Penazzi | in round 1 | collision | |
| Twister | Michael Gorski | in round 1 | preimage | |
| Vortex | Michael Kounavis | in round 1 | preimage | |
| WaMM | John Washburn | in round 1 | collision | |
| Waterfall | Bob Hattersley | in round 1 | collision | |
| ZK-Crypt | Carmi Gressel | not in round 1 |
