Difference between revisions of "Vortex"

From The ECRYPT Hash Function Website
(Specification)
(Update on Vortex)
 
Line 27: Line 27:
  
 
=== Best Known Results ===
 
=== Best Known Results ===
 
+
Collision attacks and distinguishing attacks were found.
 
----
 
----
  
Line 36: Line 36:
  
 
=== Collision Attacks ===
 
=== Collision Attacks ===
 +
A collision attack is described in
 +
<bibtex>
 +
@inproceedings{ADMRT09,
 +
  author    = {Jean-Philippe Aumasson and Orr Dunkelman and Florian Mendel and Christian Rechberger and Søren S. Thomsen},
 +
  title    = {Cryptanalysis of Vortex},
 +
  booktitle = {AFRICACRYPT},
 +
  year      = {2009},
 +
  publisher = {Springer},
 +
  editor = {Bart Preneel},
 +
  series    = {LNCS},
 +
  pages    = {14-28},
 +
  volume    = {5580},
 +
  url = {http://www.131002.net/data/papers/ADMRT09.pdf},
 +
  abstract = {Vortex is a hash function that was first presented at ISC’2008, then submitted to the NIST SHA-3 competition after some modifications. This paper describes several attacks on both versions of Vortex, including collisions, second preimages, preimages, and distinguishers. Our attacks exploit flaws both in the high-level design and in the lower-level algorithms.},
 +
}
 +
</bibtex>
  
 
----
 
----
  
=== Second Preimage Attacks ===
 
  
 
----
 
----
  
 
=== Preimage Attacks ===
 
=== Preimage Attacks ===
 +
  
  
Line 49: Line 65:
  
 
=== Others ===
 
=== Others ===
 +
A distinguisher is described in
 +
<bibtex>
 +
@inproceedings{ADMRT09,
 +
  author    = {Jean-Philippe Aumasson and Orr Dunkelman and Florian Mendel and Christian Rechberger and Søren S. Thomsen},
 +
  title    = {Cryptanalysis of Vortex},
 +
  booktitle = {AFRICACRYPT},
 +
  year      = {2009},
 +
  publisher = {Springer},
 +
  editor = {Bart Preneel},
 +
  series    = {LNCS},
 +
  pages    = {14-28},
 +
  volume    = {5580},
 +
  url = {http://www.131002.net/data/papers/ADMRT09.pdf},
 +
  abstract = {Vortex is a hash function that was first presented at ISC’2008, then submitted to the NIST SHA-3 competition after some modifications. This paper describes several attacks on both versions of Vortex, including collisions, second preimages, preimages, and distinguishers. Our attacks exploit flaws both in the high-level design and in the lower-level algorithms.},
 +
}
 +
</bibtex>

Latest revision as of 14:50, 30 July 2009

1 Specification

  • digest size: 256 bits
  • max. message length: < 264 bits
  • compression function: 512-bit message block, 256-bit chaining variable
  • Specification:

Shay Gueron, Michael E. Kounavis - Vortex: A New Family of One-Way Hash Functions Based on AES Rounds and Carry-Less Multiplication

ISC 5222:331-340,2008
http://dx.doi.org/10.1007/978-3-540-85886-7_23
Bibtex
Author : Shay Gueron, Michael E. Kounavis
Title : Vortex: A New Family of One-Way Hash Functions Based on AES Rounds and Carry-Less Multiplication
In : ISC -
Address :
Date : 2008

2 Cryptanalysis

2.1 Best Known Results

Collision attacks and distinguishing attacks were found.


2.2 Generic Attacks


2.3 Collision Attacks

A collision attack is described in

Jean-Philippe Aumasson, Orr Dunkelman, Florian Mendel, Christian Rechberger, Søren S. Thomsen - Cryptanalysis of Vortex

AFRICACRYPT 5580:14-28,2009
http://www.131002.net/data/papers/ADMRT09.pdf
Bibtex
Author : Jean-Philippe Aumasson, Orr Dunkelman, Florian Mendel, Christian Rechberger, Søren S. Thomsen
Title : Cryptanalysis of Vortex
In : AFRICACRYPT -
Address :
Date : 2009



2.4 Preimage Attacks


2.5 Others

A distinguisher is described in

Jean-Philippe Aumasson, Orr Dunkelman, Florian Mendel, Christian Rechberger, Søren S. Thomsen - Cryptanalysis of Vortex

AFRICACRYPT 5580:14-28,2009
http://www.131002.net/data/papers/ADMRT09.pdf
Bibtex
Author : Jean-Philippe Aumasson, Orr Dunkelman, Florian Mendel, Christian Rechberger, Søren S. Thomsen
Title : Cryptanalysis of Vortex
In : AFRICACRYPT -
Address :
Date : 2009