Difference between revisions of "CubeHash"
|  (added eprint 2010/506) | m (→Building blocks:  dashes added) | ||
| Line 110: | Line 110: | ||
| | Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||   Reference   | | Type of Analysis || Hash Function Part || Hash Size (n) || Parameters/Variants || Compression Function Calls || Memory Requirements ||   Reference   | ||
| |-    | |-    | ||
| − | | quantum preimage || hash || 512  ||  || 2<sup>192</sup> ||  | + | | quantum preimage || hash || 512  ||  || 2<sup>192</sup> || - || [http://eprint.iacr.org/2008/506.pdf Leurent] | 
| |-    | |-    | ||
| − | | distinguisher || permutation|| all  || 14 rounds  || 2<sup>812</sup> ||  | + | | distinguisher || permutation|| all  || 14 rounds  || 2<sup>812</sup> || - || [http://eprint.iacr.org/2010/535.pdf Ashur,Dunkelman] | 
| |-      | |-      | ||
| − | | distinguisher || permutation|| all  || 11 rounds  || 2<sup>470</sup> ||  | + | | distinguisher || permutation|| all  || 11 rounds  || 2<sup>470</sup> || - || [http://eprint.iacr.org/2010/535.pdf Ashur,Dunkelman] | 
| |-    | |-    | ||
| − | |  observations || hash || all ||  ||  | + | |  observations || hash || all ||  || - || - || [http://eprint.iacr.org/2010/262.pdf Kaminsky] | 
| |- | |- | ||
| − | | observations || hash || all ||  ||  | + | | observations || hash || all ||  || - || - || [http://eprint.iacr.org/2009/407.pdf Bloom,Kaminsky] | 
| |-               | |-               | ||
| | multi-collision || hash || all  ||  || 2<sup>513-4b</sup> || - || [http://eprint.iacr.org/2008/486.pdf Aumasson,Meier,Naya-Plasencia,Peyrin] | | multi-collision || hash || all  ||  || 2<sup>513-4b</sup> || - || [http://eprint.iacr.org/2008/486.pdf Aumasson,Meier,Naya-Plasencia,Peyrin] | ||
| |-                      | |-                      | ||
| − | | observations || permutation|| all  ||  ||  | + | | observations || permutation|| all  ||  || - || - || [http://eprint.iacr.org/2008/486.pdf Aumasson,Meier,Naya-Plasencia,Peyrin] | 
| |-             | |-             | ||
| |}                      | |}                      | ||
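Review bot: The Leurent link in the quantum preimage row on the new side points to http://eprint.iacr.org/2008/506.pdf, while the earlier edit summary reads "added eprint 2010/506" and the bibliography entry for Leurent further down gives http://eprint.iacr.org/2010/506.pdf. Change the table link to 2010/506 so the row and the reference agree. A smaller point on the same rows: the dash fill covers Compression Function Calls and Memory Requirements, but the Parameters/Variants cell is still empty in the quantum preimage, observations and multi-collision rows; give it a "-" as well if the intent is that no cell is left blank.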
Latest revision as of 09:46, 9 November 2010
1 The algorithm
- Author(s): Dan Bernstein
- Website: http://cubehash.cr.yp.to/
- NIST submission package:
  - round 1: CubeHash.zip
  - round 2: CubeHash_Round2.zip
 
Daniel J. Bernstein - CubeHash specification (2.B.1)
- 2009
- http://cubehash.cr.yp.to/submission2/spec.pdf
Daniel J. Bernstein - CubeHash parameter tweak: 16 times faster
- 2009
- http://cubehash.cr.yp.to/submission/tweak.pdf
Daniel J. Bernstein - CubeHash Specification (2.B.1)
- 2008
- http://cubehash.cr.yp.to/submission/spec.pdf
2 Cryptanalysis
We distinguish between two cases: results on the complete hash function, and results on underlying building blocks.
A description of the tables is given here.
Recommended security parameters: r/b = 16/32 (n=224,256); 16/32 (n=384,512)
2.1 Hash function
Here we list results on the hash function according to the NIST requirements. The only allowed modification is to change the security parameter.
| Type of Analysis | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference | 
| preimage | 384,512 | r/32 | 2<sup>383.7</sup> | - | Ferguson,Lucks,McKay |
| preimage | 384,512 | r/33 | 2<sup>257.6</sup> | - | Ferguson,Lucks,McKay |
| collision | 512 | 7/64 | 2<sup>203</sup> | - | Brier,Khazaei,Meier,Peyrin |
| collision | all | 4/48 | example (2<sup>37</sup>) | - | Brier,Khazaei,Meier,Peyrin |
| collision | all | 4/64 | example (2<sup>34</sup>) | - | Brier,Khazaei,Meier,Peyrin |
| collision | all | 3/64 | example (2<sup>24</sup>) | - | Brier,Khazaei,Meier,Peyrin |
| collision | 512 | 2/2 | 2<sup>196</sup> | - | Brier,Khazaei,Meier,Peyrin |
| collision | 512 | 5/64 | 2<sup>231</sup> | - | Brier,Peyrin |
| collision | all | 3/64 | 2<sup>89</sup> | - | Brier,Peyrin |
| collision | 512 | 4/3 | 2<sup>207</sup> | - | Brier,Peyrin |
| collision | 384,512 | 4/4 | 2<sup>189</sup> | - | Brier,Peyrin |
| collision | all | 2/3 | 2<sup>46</sup> | - | Brier,Peyrin |
| collision | 512 | 2/4 | example | - | Brier,Peyrin |
| collision | 512 | 1/45, 2/89 | example | - | Dai |
| collision | 512 | 2/120 | example | - | Aumasson |
| preimage | 512 | r/8 | 2<sup>480</sup> | - | Khovratovich,Nikolic',Weinmann |
| preimage | 512 | r/4 | 2<sup>496</sup> | - | Khovratovich,Nikolic',Weinmann |
| preimage | 512 | r/1 (round 1) | 2<sup>511</sup> | 2<sup>508</sup> | Khovratovich,Nikolic',Weinmann |
| preimage | all | r/b | 2<sup>513-4b</sup> | - | Aumasson,Meier,Naya-Plasencia,Peyrin |
| collision | all | r/b | 2<sup>521-4b-log b</sup> | - | submission document |
| preimage | all | r/b | 2<sup>522-4b-log b</sup> | - | submission document |
2.2 Building blocks
Here we list results on underlying building blocks, and the hash function modified by other means than the security parameter.
Note that these results assume more direct control over, or access to, some internal variables (a.k.a. free-start, pseudo, compression function, block cipher, or permutation attacks).
| Type of Analysis | Hash Function Part | Hash Size (n) | Parameters/Variants | Compression Function Calls | Memory Requirements | Reference | 
| quantum preimage | hash | 512 | | 2<sup>192</sup> | - | Leurent |
| distinguisher | permutation | all | 14 rounds | 2<sup>812</sup> | - | Ashur,Dunkelman |
| distinguisher | permutation | all | 11 rounds | 2<sup>470</sup> | - | Ashur,Dunkelman |
| observations | hash | all | | - | - | Kaminsky |
| observations | hash | all | | - | - | Bloom,Kaminsky |
| multi-collision | hash | all | | 2<sup>513-4b</sup> | - | Aumasson,Meier,Naya-Plasencia,Peyrin |
| observations | permutation | all | | - | - | Aumasson,Meier,Naya-Plasencia,Peyrin |
Gaëtan Leurent - Quantum Preimage and Collision Attacks on CubeHash
- 2010
- http://eprint.iacr.org/2010/506.pdf
Tomer Ashur, Orr Dunkelman - Linear Analysis of Reduced-Round CubeHash
- 2010
- http://eprint.iacr.org/2010/535.pdf
Niels Ferguson, Stefan Lucks, Kerry A. McKay - Symmetric States and their Structure: Improved Analysis of CubeHash
- 2010
- http://eprint.iacr.org/2010/273.pdf
Alan Kaminsky - Cube Test Analysis of the Statistical Behavior of CubeHash and Skein
- 2010
- http://eprint.iacr.org/2010/262.pdf
Benjamin Bloom, Alan Kaminsky - Single Block Attacks and Statistical Tests on CubeHash
- 2009
- http://eprint.iacr.org/2009/407.pdf
Eric Brier, Shahram Khazaei, Willi Meier, Thomas Peyrin - Linearization Framework for Collision Attacks: Application to CubeHash and MD6
- 2009
- http://eprint.iacr.org/2009/382.pdf
Eric Brier, Shahram Khazaei, Willi Meier, Thomas Peyrin - Real Collisions for CubeHash-4/48
- 2009
- http://ehash.iaik.tugraz.at/uploads/5/50/Bkmp_ch448.txt
Eric Brier, Shahram Khazaei, Willi Meier, Thomas Peyrin - Real Collisions for CubeHash-4/64
- 2009
- http://ehash.iaik.tugraz.at/uploads/9/93/Bkmp_ch464.txt
Eric Brier, Shahram Khazaei, Willi Meier, Thomas Peyrin - Attack for CubeHash-2/2 and collision for CubeHash-3/64
- 2009
- http://ehash.iaik.tugraz.at/uploads/3/3a/Peyrin_ch22_ch364.txt
Eric Brier, Thomas Peyrin - Cryptanalysis of CubeHash
- 2009
- http://thomas.peyrin.googlepages.com/BrierPeyrinCubehash.pdf
Wei Dai - Collisions for CubeHash1/45 and CubeHash2/89
- 2008
- http://www.cryptopp.com/sha3/cubehash.pdf
Jean-Philippe Aumasson - Collision for CubeHash2/120-512
- 2008
- http://ehash.iaik.tugraz.at/uploads/a/a9/Cubehash.txt
Dmitry Khovratovich, Ivica Nikolic', Ralf-Philipp Weinmann - Preimage attack on CubeHash512-r/4 and CubeHash512-r/8
- 2008
- http://ehash.iaik.tugraz.at/uploads/6/6c/Cubehash.pdf
Jean-Philippe Aumasson, Eric Brier, Willi Meier, María Naya-Plasencia, Thomas Peyrin - Inside the Hypercube
