Difference between revisions of "FFT-Hash I"

From The ECRYPT Hash Function Website
(Collision Attacks)
 
(2 intermediate revisions by 2 users not shown)
Line 23: Line 23:
  
 
<bibtex>
 
<bibtex>
@INPROCEEDINGS{DBLP:conf/eurocrypt/BaritaudGG92,
+
@inproceedings{eurocryptBaritaudGG92,
 
   author = {Thierry Baritaud and Henri Gilbert and Marc Girault},
 
   author = {Thierry Baritaud and Henri Gilbert and Marc Girault},
 
   title = {FFT Hashing is not Collision-free},
 
   title = {FFT Hashing is not Collision-free},
Line 29: Line 29:
 
   year = {1992},
 
   year = {1992},
 
   pages = {35-44},
 
   pages = {35-44},
   abstract = {The FFT Hashing Function proposed by C.P. Schnorr [1] hashes messages
+
   abstract = {The FFT Hashing Function proposed by C.P. Schnorr [1] hashes messages of arbitrary length into a 128-bit hash value. In this paper, we show that this function is not collision free, and we give an example of two distinct 256-bit messages with the same hash value. Finding a collision (in fact a large family of, colliding messages) requires approximately 223 partial computations of the hash function, and takes a few hours on a SUN3- workstation, and less than an hour on a SPARC-workstation. A similar result discovered independently has been announced at the Asiacrypt’91 rump session by Daemen-Bosselaers-Govaerts-Vandewalle [2].},
of arbitrary length into a 128-bit hash value. In this paper, we
+
   url = {http://link.springer.de/link/service/series/0558/bibs/0658/06580035.htm},
show that this function is not collision free, and we give an example
+
  editor    = {Rainer A. Rueppel},
of two distinct 256-bit messages with the same hash value. Finding
+
  series    = {LNCS},
a collision (in fact a large family of, colliding messages) requires
+
  volume    = {658},
approximately 223 partial computations of the hash function, and
+
  year      = {1993},
takes a few hours on a SUN3- workstation, and less than an hour on
 
a SPARC-workstation. A similar result discovered independently has
 
been announced at the Asiacrypt’91 rump session by Daemen-Bosselaers-Govaerts-Vandewalle
 
[2].},
 
  bibsource = {DBLP, http://dblp.uni-trier.de},
 
   url = {http://link.springer.de/link/service/series/0558/bibs/0658/06580035.htm}
 
 
}
 
}
 
</bibtex>
 
</bibtex>
 
 
  
 
----
 
----

Latest revision as of 13:48, 10 November 2008

1 Specification

2 Cryptanalysis

2.1 Best Known Results


2.2 Generic Attacks


2.3 Collision Attacks

Thierry Baritaud, Henri Gilbert, Marc Girault - FFT Hashing is not Collision-free

EUROCRYPT 658:35-44,1993
http://link.springer.de/link/service/series/0558/bibs/0658/06580035.htm
Bibtex
Author : Thierry Baritaud, Henri Gilbert, Marc Girault
Title : FFT Hashing is not Collision-free
In : EUROCRYPT -
Address :
Date : 1993

2.4 Second Preimage Attacks


2.5 Preimage Attacks


2.6 Others