Difference between revisions of "Blender"

From The ECRYPT Hash Function Website
m (Cryptanalysis)
(Huge Multicollisions and Multipreimages of Hash Functions BLENDER-n)
 
Line 25: Line 25:
 
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference  
 
| Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||  Reference  
 
|-                     
 
|-                     
 +
| style="background:orange" | preimage || hash || all ||  || 10*2<sup>n/4</sup> || - || [http://eprint.iacr.org/2009/006.pdf Klima]
 +
|-                   
 +
| style="background:orange" | collision || hash || all ||  || 10*2<sup>n/4</sup> || - || [http://eprint.iacr.org/2009/006.pdf Klima]
 +
|-
 
| style="background:orange" | preimage || hash || all ||  || n*2<sup>(n+w)/2</sup> || - || [http://ehash.iaik.tugraz.at/uploads/2/20/Observations_on_Blender.pdf Newbold]
 
| style="background:orange" | preimage || hash || all ||  || n*2<sup>(n+w)/2</sup> || - || [http://ehash.iaik.tugraz.at/uploads/2/20/Observations_on_Blender.pdf Newbold]
 
|-                     
 
|-                     
Line 37: Line 41:
 
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
 
A description of this table is given [http://ehash.iaik.tugraz.at/wiki/Cryptanalysis_Categories#Individual_Hash_Function_Tables here].
  
 +
 +
<bibtex>
 +
@misc{cryptoeprint:2009:006,
 +
    author = {Vlastimil Klima},
 +
    title = {Huge Multicollisions and Multipreimages of Hash Functions BLENDER-n},
 +
    howpublished = {Cryptology ePrint Archive, Report 2009/006},
 +
    year = {2009},
 +
    note = {\url{http://eprint.iacr.org/2009/006.pdf}},
 +
    abstract = { In this paper we present a multicollision and multipreimage attack on the hash function Blender-n [1] for all output sizes n = 224, 256, 384 and 512. The complexity and memory requirements for finding 2^{2n} multipreimages (multicollisions) of Blender-n is roughly 10 times more than finding a collision for n/2-bit random hash function. All previous attacks were based on the trick by Joux [2] using many messages. Our attacks are based on one message with several fixpoints. The state register has eight words. By properly choosing message words we force half of the register to go to the original state. Then we will find a collision in the rest with complexity 2^{n/4}. The collision creates a fix point in the sequence of states of the state register. We use 10 such fix points. Previously known attacks [4, 5] on Blender-n have the complexity at least 2^{n/2}. Our 2^{2n}-multicollision and multipreimage attacks have a complexity 10*2^{n/4}.},
 +
}
 +
</bibtex>
  
 
<bibtex>
 
<bibtex>

Latest revision as of 14:43, 8 January 2009

1 The algorithm

  • Author(s): Colin Bradbury
  • NIST submission package: Blender.zip


Colin Bradbury - BLENDER: A Proposed New Family of Cryptographic Hash Algorithms

,2008
http://ehash.iaik.tugraz.at/uploads/5/5e/Blender.pdf
Bibtex
Author : Colin Bradbury
Title : BLENDER: A Proposed New Family of Cryptographic Hash Algorithms
In : -
Address :
Date : 2008


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
preimage hash all 10*2n/4 - Klima
collision hash all 10*2n/4 - Klima
preimage hash all n*2(n+w)/2 - Newbold
preimage hash all n*2n/2 - Mendel
near-collision hash all example - Klima
semi-free start collision hash all example - Xu

A description of this table is given here.


Vlastimil Klima - Huge Multicollisions and Multipreimages of Hash Functions BLENDER-n

,2009
Bibtex
Author : Vlastimil Klima
Title : Huge Multicollisions and Multipreimages of Hash Functions BLENDER-n
In : -
Address :
Date : 2009

Craig Newbold - Observations and Attacks On The SHA-3 Candidate Blender

,2008
http://ehash.iaik.tugraz.at/uploads/2/20/Observations_on_Blender.pdf
Bibtex
Author : Craig Newbold
Title : Observations and Attacks On The SHA-3 Candidate Blender
In : -
Address :
Date : 2008

Florian Mendel - Preimage Attack on Blender

,2008
http://ehash.iaik.tugraz.at/uploads/4/48/Blender-preimage.pdf
Bibtex
Author : Florian Mendel
Title : Preimage Attack on Blender
In : -
Address :
Date : 2008

Vlastimil Klima - A near-collision attack on Blender-256

,2008
http://cryptography.hyperlink.cz/BMW/near_collision_blender.pdf
Bibtex
Author : Vlastimil Klima
Title : A near-collision attack on Blender-256
In : -
Address :
Date : 2008

Liangyu Xu - Semi-free start collision attack on Blender

,2008
http://eprint.iacr.org/2008/532.pdf
Bibtex
Author : Liangyu Xu
Title : Semi-free start collision attack on Blender
In : -
Address :
Date : 2008