Difference between revisions of "The SHA-3 Zoo"

Revision as of 22:30, 29 December 2008

The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the SHA-3 contest (see also here). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all SHA-3 submitters is also available. For a software performance related overview, see eBASH. At a separate page, we also collect hardware implementation results of the candidates. Another categorization of the SHA-3 submissions can be found here.

The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in Cryptanalysis Categories.

At this time, 55 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to the first round. So far, 3 out of 51 first round candidates have been officially conceded broken or withdrawn by the designers.

The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages.

Recent updates of the SHA-3 Zoo

Hash Name	Principal Submitter	Best Attack on Main NIST Requirements	Best Attack on other Hash Requirements
Abacus	Neil Sholer	2nd-preimage
ARIRANG	Jongin Lim
AURORA	Masahiro Fujita (Sony)
BLAKE	Jean-Philippe Aumasson
Blender	Dr. Colin Bradbury	preimage
Blue Midnight Wish	Svein Johan Knapskog
Cheetah	Dmitry Khovratovich		length-extension
CHI	Phillip Hawkes
CRUNCH	Jacques Patarin
CubeHash	D. J. Bernstein	preimage
DCH	David A. Wilson	collision
Dynamic SHA	Xu Zijie		length-extension
Dynamic SHA2	Xu Zijie		length-extension
ECHO	Henri Gilbert
ECOH	Daniel R. L. Brown
Edon-R	Danilo Gligoroski	preimage
EnRUPT	Sean O’Neil	collision
ESSENCE	Jason Worth Martin
FSB	Matthieu Finiasz
Fugue	Charanjit S. Jutla
Grøstl	Lars Ramkilde Knudsen
Hamsi	Ozgul Kucuk
JH	Hongjun Wu	preimage
Keccak	Joan Daemen
Khichidi-1	M Vidyasagar	collision
LANE	Sebastiann Indesteege
Lesamnta	Hirotaka Yoshida
Luffa	Dai Watanabe
LUX	Ivica Nikolic
MCSSHA-3	Mikhail Maslennikov	collision
MD6	Ronald L. Rivest
MeshHash	Björn Fay	2nd preimage
NaSHA	Smile Markovski	collision
SANDstorm	Rich Schroeppel
Sarmal	Kerem VARICI	preimage
Sgàil	Peter Maxwell	collision
Shabal	Jean-Francois Misarsky
SHAMATA	Orhun Kara
SHAvite-3	Orr Dunkelman
SIMD	Gaetan Leurent
Skein	Bruce Schneier
Spectral Hash	Cetin Kaya Koc
StreamHash	Michal Trojnara	collision
SWIFFTX	Daniele Micciancio
Tangle	Rafael Alvarez	collision
TIB3	Daniel Penazzi
Twister	Michael Gorski	2nd preimage
Vortex	Michael Kounavis	preimage

The following hash functions have been submitted to the NIST competition but did not advance to the first round or have been conceded broken by the designers:

Hash Name	Principal Submitter	Status	Best Attack on Main NIST Requirements
Boole	Greg Rose	conceded broken	collision
HASH 2X		not in round 1	2nd-preimage
Maraca		not in round 1
NKS2D		not in round 1	collision
Ponic		not in round 1	2nd-preimage
WaMM	John Washburn	conceded broken	collision
Waterfall	Bob Hattersley	conceded broken	collision

Your analysis is not mentioned? Drop a line at sha3zoo@iaik.tugraz.at to let us know!

@@ Line 1: / Line 1: @@
 The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submitted to the [http://www.nist.gov/hash-competition SHA-3 contest] (see also [http://en.wikipedia.org/wiki/SHA-3 here]). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all [[SHA-3 submitters]] is also available. For a software performance related overview, see [http://bench.cr.yp.to/ebash.html eBASH]. At a separate page, we also collect [[SHA-3_Hardware_Implementations | hardware implementation results]] of the candidates. Another categorization of the SHA-3 submissions can be found [http://www.uni-weimar.de/cms/fileadmin/medien/medsicherheit/Research/SHA3/Classification_of_the_SHA-3_Candidates.pdf here].
 <br><br>
-At this time, 55 out of 64 submissions to the SHA-3 competition are publicly known and available. [http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/submissions_rnd1.html 51] submissions have advanced to the first round (so far, 17 of 51 first round candidates have been broken).
+The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additional judgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize the cryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given in [[Cryptanalysis Categories]].
+At this time, 55 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissions have advanced to the first round.
+So far, 3 out of 51 first round candidates have been officially conceded broken or withdrawn by the designers.
-[http://ehash.iaik.tugraz.at/index.php?title=Special:Recentchangeslinked&target=The_SHA-3_Zoo&days=7&limit=50&hideminor=1   Recent updates of the SHA-3 Zoo]
+The following table should give a first impression on the remaining SHA-3 candidates. It shows only the best known attack, more detailed results are collected at the individual hash function pages.
-{| border="1" cellpadding="4" cellspacing="0" align="center" class="wikitable"
+[http://ehash.iaik.tugraz.at/index.php?title=Special:Recentchangeslinked&target=The_SHA-3_Zoo&days=7&limit=50&hideminor=1 Recent updates of the SHA-3 Zoo]
+{| border="1" cellpadding="4" cellspacing="0" align="center" class="wikitable" style="text-align:center"
 |- style="background:#efefef;"
-! width="150"| Hash Function Name      !! width="150"| Status    !!  width="150"| [[External Cryptanalysis Categories| External Cryptanalysis]]
+! width="120"| Hash Name !! width="160" | Principal Submitter !! width="120"| Best Attack on Main NIST Requirements !! width="120"| Best Attack on other Hash Requirements
 |-
-| [[Abacus]]                           || 1st round || broken
+| [[Abacus]]       || Neil Sholer || style="background:orange" | 2nd-preimage ||
 |-
-| [[ARIRANG]]                          || 1st round || none
+| [[ARIRANG]]      || Jongin Lim || ||
+|-
+| [[AURORA]]       || Masahiro Fujita (Sony) || ||
 |-
-| [[AURORA]]                           || 1st round || none
+| [[BLAKE]]        || Jean-Philippe Aumasson || ||
 |-
-| [[BLAKE]]                            || 1st round || none
+| [[Blender]]      || Dr. Colin Bradbury || style="background:orange" | preimage ||
+|-
+| [[Blue Midnight Wish]] || Svein Johan Knapskog || ||
 |-
-| [[Blender]]                          || 1st round || broken
+| [[Cheetah]]      || Dmitry Khovratovich || || length-extension
 |-
-| [[Blue Midnight Wish]]               || 1st round || yes
+| [[CHI]]          || Phillip Hawkes || ||
+|-
+| [[CRUNCH]]       || Jacques Patarin || ||
 |-
-| [[Boole]]                            || 1st round || broken
+| [[CubeHash]]     || D. J. Bernstein || style="background:greenyellow" | preimage ||
 |-
-| [[Cheetah]]                          || 1st round || broken
+| [[DCH]]          || David A. Wilson || style="background:red" | collision ||
+|-
+| [[Dynamic SHA]]  || Xu Zijie || || length-extension
 |-
-| [[CHI]]                              || 1st round || none
+| [[Dynamic SHA2]] || Xu Zijie || || length-extension
 |-
-| [[CRUNCH]]                           || 1st round || none
+| [[ECHO]]         || Henri Gilbert || ||
+|-
+| [[ECOH]]         || Daniel R. L. Brown || ||
 |-
-| [[CubeHash]]                         || 1st round || yes
+| [[Edon-R (SHA-3 submission)|Edon-R]] || Danilo Gligoroski || style="background:yellow" | preimage ||
 |-
-| [[DCH]]                              || 1st round || broken
+| [[EnRUPT]]       || Sean O’Neil || style="background:red" | collision ||
+|-
+| [[ESSENCE]]      || Jason Worth Martin || ||
 |-
-| [[Dynamic SHA]]                      || 1st round || broken
+| [[FSB (SHA-3 submission) | FSB]] || Matthieu Finiasz || ||
 |-
-| [[Dynamic SHA2]]                     || 1st round || broken
+| [[Fugue]]        || Charanjit S. Jutla || ||
+|-
+| [[Groestl|Grøstl]] || Lars Ramkilde Knudsen || ||
 |-
-| [[ECHO]]                             || 1st round || none
+| [[Hamsi]]        || Ozgul Kucuk || ||
 |-
-| [[ECOH]]                             || 1st round || none
+| [[JH]]           || Hongjun Wu || style="background:greenyellow" | preimage ||
+|-
+| [[Keccak]]       || Joan Daemen || ||
 |-
-| [[Edon-R (SHA-3 submission)|Edon-R]] || 1st round || yes
+| [[Khichidi-1]]   || M Vidyasagar || style="background:red" | collision ||
 |-
-| [[EnRUPT]]                           || 1st round || broken
+| [[LANE]]         || Sebastiann Indesteege || ||
+|-
+| [[Lesamnta]]     || Hirotaka Yoshida || ||
 |-
-| [[ESSENCE]]                          || 1st round || none
+| [[Luffa]]        || Dai Watanabe || ||
 |-
-| [[FSB (SHA-3 submission) | FSB]]     || 1st round || none
+| [[LUX]]          || Ivica Nikolic || ||
+|-
+| [[MCSSHA-3]]     || Mikhail Maslennikov || style="background:yellow" | collision ||
 |-
-| [[Fugue]]                            || 1st round || none
+| [[MD6]]          || Ronald L. Rivest || ||
 |-
-| [[Groestl|Grøstl]]                   || 1st round || yes
+| [[MeshHash]]     || Björn Fay || style="background:yellow" | 2nd preimage ||
+|-
+| [[NaSHA]]        || Smile Markovski || style="background:yellow" | collision ||
 |-
-| [[Hamsi]]                            || 1st round || none
+| [[SANDstorm]]    || Rich Schroeppel || ||
 |-
-| [[HASH 2X]]                          || submitted || broken
+| [[Sarmal]]       || Kerem VARICI ||  style="background:yellow" | preimage ||
+|-
+| [[Sgàil]]        || Peter Maxwell|| style="background:red" | collision ||
 |-
-| [[JH]]                               || 1st round || yes
+| [[Shabal]]       || Jean-Francois Misarsky || ||
 |-
-| [[Keccak]]                           || 1st round || none
+| [[SHAMATA]]      || Orhun Kara || ||
+|-
+| [[SHAvite-3]]    || Orr Dunkelman || ||
 |-
-| [[Khichidi-1]]                       || 1st round || broken
+| [[SIMD]]         || Gaetan Leurent || ||
 |-
-| [[LANE]]                             || 1st round || none
+| [[Skein]]        || Bruce Schneier || ||
+|-
+| [[Spectral Hash]] || Cetin Kaya Koc || ||
 |-
-| [[Lesamnta]]                         || 1st round || none
+| [[StreamHash]]   || Michal Trojnara || style="background:red" | collision ||
 |-
-| [[Luffa]]                            || 1st round || none
+| [[SWIFFTX]]      || Daniele Micciancio || ||
+|-
+| [[Tangle]]       || Rafael Alvarez || style="background:red" | collision ||
 |-
-| [[LUX]]                              || 1st round || yes
+| [[TIB3]]         || Daniel Penazzi || ||
 |-
-| [[Maraca]]                           || submitted || broken
+| [[Twister]]      || Michael Gorski || style="background:yellow" | 2nd preimage ||
 |-
-| [[MCSSHA-3]]                         || 1st round || broken
+| [[Vortex (SHA-3 submission)|Vortex]] || Michael Kounavis || style="background:yellow" | preimage ||
-|-
+|}
-| [[MD6]]                              || 1st round || yes
-|-
-| [[MeshHash]]                         || 1st round || broken
+The following hash functions have been submitted to the NIST competition but did not advance to the first round or have been conceded broken by the designers:
-|-
-| [[NaSHA]]                            || 1st round || broken
+{| border="1" cellpadding="4" cellspacing="0" align="center" class="wikitable" style="text-align:center"
-|-
+|- style="background:#efefef;"
-| [[NKS2D]]                            || submitted || broken
+! width="120"| Hash Name !! width="160" | Principal Submitter !! width="120" | Status !! width="120" | Best Attack on Main NIST Requirements
-|-
-| [[Ponic]]                            || submitted || broken
-|-
-| [[SANDstorm]]                        || 1st round || none
-|-
-| [[Sarmal]]                           || 1st round || yes
-|-
-| [[Sgàil]]                            || 1st round || broken
-|-
-| [[Shabal]]                           || 1st round || none
-|-
-| [[SHAMATA]]                          || 1st round || yes
-|-
-| [[SHAvite-3]]                        || 1st round || none
-|-
-| [[SIMD]]                             || 1st round || none
-|-
-| [[Skein]]                            || 1st round || none
-|-
-| [[Spectral Hash]]                    || 1st round || yes
-|-
-| [[StreamHash]]                       || 1st round || broken
 |-
-| [[SWIFFTX]]                          || 1st round || none
+| [[Boole]]       || Greg Rose || conceded broken || style="background:red" | collision
 |-
-| [[Tangle]]                           || 1st round || broken
+| [[HASH 2X]]     || || not in round 1 || style="background:red" | 2nd-preimage
 |-
-| [[TIB3]]                             || 1st round || none
+| [[Maraca]]      || || not in round 1 ||
 |-
-| [[Twister]]                          || 1st round || yes
+| [[NKS2D]]       || || not in round 1 || style="background:red" | collision
 |-
-| [[Vortex (SHA-3 submission)|Vortex]] || 1st round || yes
+| [[Ponic]]       || || not in round 1 || style="background:yellow" | 2nd-preimage
 |-
-| [[WaMM]]                             || 1st round || broken
+| [[WaMM]]        || John Washburn || conceded broken || style="background:red" | collision
 |-
-| [[Waterfall]]                        || 1st round || broken
+| [[Waterfall]]   || Bob Hattersley || conceded broken || style="background:orange" | collision
 |}
 Your analysis is not mentioned? Drop a line at sha3zoo@iaik.tugraz.at to let us know!

Difference between revisions of "The SHA-3 Zoo"

Revision as of 22:30, 29 December 2008

Navigation menu

Views

Personal tools

Navigation

Search

Tools