Difference between revisions of "Sarmal"

From The ECRYPT Hash Function Website
m
(added preimage attack with chosen salt)
Line 26: Line 26:
 
|-                     
 
|-                     
 
|  | collision with salt || hash || 224,256,384 ||  || 2<sup>n/3</sup> || 2<sup>n/3</sup> || [http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf Mendel,Schläffer]
 
|  | collision with salt || hash || 224,256,384 ||  || 2<sup>n/3</sup> || 2<sup>n/3</sup> || [http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf Mendel,Schläffer]
 +
|-                   
 +
|  | preimage with salt || hash || 224,256 ||  || 2<sup>n/2+x</sup> || 2<sup>n/2-x</sup> || [http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf Mendel,Schläffer]
 +
|-                   
 +
|  | preimage with salt || hash || 384,512 ||  || 2<sup>n-128+x</sup> || 2<sup>128-x</sup> || [http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf Mendel,Schläffer]
 
|-                                     
 
|-                                     
 
|}                     
 
|}                     
Line 46: Line 50:
 
@misc{sarmalMS08,
 
@misc{sarmalMS08,
 
   author    = {Florian Mendel and Martin Schläffer},
 
   author    = {Florian Mendel and Martin Schläffer},
   title    = {Collisions and Pseudo-Collisions for Sarmal},
+
   title    = {Collisions and Preimages for Sarmal},
 
   url        = {http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf},
 
   url        = {http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf},
 
   howpublished = {Available online},
 
   howpublished = {Available online},
 
   year      = {2008},
 
   year      = {2008},
   abstract  = {In this paper, we show a collision attack on the hash function of Sarmal with different salt. The attack has a complexity of 2^{n/3} compression function evaluations and memory requirement of 2^{n/3}. Since the salt of Sarmal is only 256 bits the attack works only for variants of Sarmal up to 384 bits. Note that we can choose the messages in our attack and hence we can even construct meaningful collisions for the hash function.},
+
   abstract  = {In this paper, we show a collision attack on the hash function of Sarmal with different salt. The attack has a complexity of $2^{n/3}$ compression function evaluations and memory requirement of $2^{n/3}$. Since the salt of Sarmal is only 256 bits the attack works only for variants of Sarmal up to 384 bits. Note that we can choose the messages in our attack and hence we can even construct meaningful collisions for the hash function.
 +
Furthermore, we show how to construct preimages for Sarmal faster than brute force search if the attacker can choose the salt value. The attack works for all output sizes of Sarmal and with a complexity of $2^{n/2+x}$ compression function evaluations and memory requirements of $2^{n/2-x}$ for $n=\{224,256\}$, and $2^{n-128+x}$ compression function evaluations and memory requirements of $2^{128-x}$ for $n=\{384,512\}$.},
 
}
 
}
 
</bibtex>
 
</bibtex>

Revision as of 16:23, 21 January 2009

1 The algorithm


Kerem Var\i c\i \, Onur \"Ozen, \cCelebi Kocair - Sarmal: SHA-3 Proposal

,2008
http://www.metu.edu.tr/~e127761/Supporting_Documentation/SarmaL.pdf
Bibtex
Author : Kerem Var\i c\i \, Onur \"Ozen, \cCelebi Kocair
Title : Sarmal: SHA-3 Proposal
In : -
Address :
Date : 2008


2 Cryptanalysis

Type of Analysis Hash Function Part Hash Size (n) Parameters/Variants Compression Function Calls Memory Requirements Reference
preimage hash 512 max(2512-s,2256+s) 2s Nikolić
collision with salt hash 224,256,384 2n/3 2n/3 Mendel,Schläffer
preimage with salt hash 224,256 2n/2+x 2n/2-x Mendel,Schläffer
preimage with salt hash 384,512 2n-128+x 2128-x Mendel,Schläffer

A description of this table is given here.


Ivica Nikolić - Preimage attack on Sarmal-512

,2008
http://ehash.iaik.tugraz.at/uploads/7/77/Sarmal.pdf
Bibtex
Author : Ivica Nikolić
Title : Preimage attack on Sarmal-512
In : -
Address :
Date : 2008

Florian Mendel, Martin Schläffer - Collisions and Preimages for Sarmal

,2008
http://ehash.iaik.tugraz.at/uploads/d/d1/Salt-collision.pdf
Bibtex
Author : Florian Mendel, Martin Schläffer
Title : Collisions and Preimages for Sarmal
In : -
Address :
Date : 2008