Difference between revisions of "Vortex (SHA-3 submission)"

From The ECRYPT Hash Function Website
(added correlation result on Vortex)
m (updated Bibtex entry)
 
(7 intermediate revisions by 3 users not shown)
Line 2: Line 2:
  
 
* Author(s): Michael Kounavis, Shay Gueron
 
* Author(s): Michael Kounavis, Shay Gueron
<!--
+
* Website: [http://math.haifa.ac.il/~vortex http://math.haifa.ac.il/~vortex]
* Website:  
 
-->
 
 
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/Vortex.zip Vortex.zip]
 
* NIST submission package: [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/documents/Vortex.zip Vortex.zip]
* Specification: [http://eprint.iacr.org/2008/464 http://eprint.iacr.org/2008/464]
+
 
  
 
<bibtex>
 
<bibtex>
Line 17: Line 15:
 
}
 
}
 
</bibtex>
 
</bibtex>
 +
  
 
== Cryptanalysis ==
 
== Cryptanalysis ==
 +
 +
{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"                 
 +
|- style="background:#efefef;"                 
 +
|  Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference                   
 +
|-                             
 +
|  | correlation analysis || hash || all ||  || - || - || [http://ehash.iaik.tugraz.at/uploads/6/6d/Vortex_correlation.txt Ferguson]
 +
|-
 +
|  style="background:yellow"| preimage || hash || 256 ||  || 2<sup>195</sup> || 2<sup>64</sup> || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|-
 +
|  style="background:yellow"| preimage || hash || 512 ||  || 2<sup>387</sup> || 2<sup>128</sup> || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|-
 +
|  style="background:greenyellow"| collision || hash || 256 ||  || 2<sup>124.5</sup> || 2<sup>124.5</sup> || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|- 
 +
|  style="background:greenyellow"| collision || hash || 512 ||  || 2<sup>251.7</sup> || 2<sup>251.7</sup> || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|- 
 +
|  | distinguisher || hash || 256 ||  || 2<sup>97</sup> || - || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|-     
 +
|  | 2nd preimage || hash || 256 || weak messages || 2<sup>129</sup> || - || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|- 
 +
|  | 2nd preimage || hash || 256 || weak messages || 2<sup>33</sup> || 2<sup>135</sup> || [http://www.131002.net/data/papers/ADMRT09.pdf Aumasson,Dunkelman,Mendel,Rechberger,Thomsen]
 +
|-       
 +
|}                   
 +
 +
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
 +
 +
 +
<bibtex>
 +
@misc{VortexF08,
 +
  author    = {Niels Ferguson},
 +
  title    = {Simple correlation on some of the output bits of Vortex},
 +
  url = {http://ehash.iaik.tugraz.at/uploads/6/6d/Vortex_correlation.txt},
 +
  howpublished = {OFFICIAL COMMENT (local link)},
 +
  year = {2008},
 +
}
 +
</bibtex>
 +
 +
<bibtex>
 +
@inproceedings{ADMRT09,
 +
  author    = {Jean-Philippe Aumasson and Orr Dunkelman and Florian Mendel and Christian Rechberger and Søren S. Thomsen},
 +
  title    = {Cryptanalysis of Vortex},
 +
  booktitle = {AFRICACRYPT},
 +
  year      = {2009},
 +
  publisher = {Springer},
 +
  editor = {Bart Preneel},
 +
  series    = {LNCS},
 +
  pages    = {14-28},
 +
  volume    = {5580},
 +
  url = {http://www.131002.net/data/papers/ADMRT09.pdf},
 +
  abstract = {Vortex is a hash function that was first presented at ISC’2008, then submitted to the NIST SHA-3 competition after some modifications. This paper describes several attacks on both versions of Vortex, including collisions, second preimages, preimages, and distinguishers. Our attacks exploit flaws both in the high-level design and in the lower-level algorithms.},
 +
}
 +
</bibtex>
 +
 +
 +
===Archive===
  
 
<bibtex>
 
<bibtex>
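Review bot: the last two rows of the added table are both "2nd preimage || hash || 256 || weak messages" and differ only in their cost figures (2<sup>129</sup> calls with no memory figure, versus 2<sup>33</sup> calls with 2<sup>135</sup> memory), so a reader cannot tell which variant of the attack each row refers to. Put a short qualifier in the Parameters/Variants column of each row so the two entries can be told apart without opening the paper.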
Line 29: Line 82:
 
}
 
}
 
</bibtex>
 
</bibtex>
 
  
 
<bibtex>
 
<bibtex>
Line 47: Line 99:
 
gives distinguishers for a HMAC based on Vortex and slightly speeds up preimage  
 
gives distinguishers for a HMAC based on Vortex and slightly speeds up preimage  
 
search.},
 
search.},
}
 
</bibtex>
 
 
 
<bibtex>
 
@misc{VortexF08,
 
  author    = {Niels Ferguson},
 
  title    = {Simple correlation on some of the output bits of Vortex},
 
  url = {http://ehash.iaik.tugraz.at/uploads/6/6d/Vortex_correlation.txt},
 
  howpublished = {OFFICIAL COMMENT (local link)},
 
  year = {2008},
 
 
}
 
}
 
</bibtex>
 
</bibtex>

Latest revision as of 10:10, 22 July 2009

1 The algorithm


Michael Kounavis, Shay Gueron - Vortex: A New Family of One Way Hash Functions based on Rijndael Rounds and Carry-less Multiplication, 2008
http://eprint.iacr.org/2008/464.pdf


2 Cryptanalysis

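{| border="1" cellpadding="4" cellspacing="0" class="wikitable" style="text-align:center"
|-
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements || Reference
|-
| correlation analysis || hash || all || || - || - || Ferguson
|-
| preimage || hash || 256 || || 2<sup>195</sup> || 2<sup>64</sup> || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| preimage || hash || 512 || || 2<sup>387</sup> || 2<sup>128</sup> || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| collision || hash || 256 || || 2<sup>124.5</sup> || 2<sup>124.5</sup> || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| collision || hash || 512 || || 2<sup>251.7</sup> || 2<sup>251.7</sup> || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| distinguisher || hash || 256 || || 2<sup>97</sup> || - || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| 2nd preimage || hash || 256 || weak messages || 2<sup>129</sup> || - || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|-
| 2nd preimage || hash || 256 || weak messages || 2<sup>33</sup> || 2<sup>135</sup> || Aumasson,Dunkelman,Mendel,Rechberger,Thomsen
|}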

A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].


Niels Ferguson - Simple correlation on some of the output bits of Vortex, 2008
http://ehash.iaik.tugraz.at/uploads/6/6d/Vortex_correlation.txt

Jean-Philippe Aumasson, Orr Dunkelman, Florian Mendel, Christian Rechberger, Søren S. Thomsen - Cryptanalysis of Vortex, AFRICACRYPT 5580:14-28, 2009
http://www.131002.net/data/papers/ADMRT09.pdf


2.1 Archive

Lars R. Knudsen, Florian Mendel, Christian Rechberger, Søren S. Thomsen - Collision and Preimage Attacks on Vortex as submitted to the SHA-3 competition, 2008
http://ehash.iaik.tugraz.at/uploads/5/5c/Vortex_Collisions_and_Preimages_note.txt

Jean-Philippe Aumasson, Orr Dunkelman - A note on Vortex' security, 2008
http://www.131002.net/data/papers/AD08.pdf