Analysis of Reduced-SHAvite-3-256 v2
نویسندگان
چکیده
In this article, we provide the first independent analysis of the (2-round tweaked) 256-bit version of the SHA-3 candidate SHAvite-3. By leveraging recently introduced cryptanalysis tools such as rebound attack or Super-Sbox cryptanalysis, we are able to derive chosen-related-salt distinguishing attacks on the compression function on up to 8 rounds (12 rounds in total) and free-start collisions on up to 7 rounds. In particular, our best results are obtained by carefully controlling the differences in the key schedule of the internal cipher. Most of our results have been implemented and verified experimentally.
منابع مشابه
Finding Collisions for Reduced Luffa-256 v2
Luffa is a family of cryptographic hash functions that has been selected as a second round SHA-3 candidate. This paper presents the first collision finding analysis of Luffa-256 v2 which is the 256-bit hash function in the Luffa family. We show that collisions for 4 out of 8 steps of Luffa can be found with complexity 2 using sophisticated message modification techniques. Furthermore, we presen...
متن کاملUpdates on SHAvite-3
In this paper we present the current state of the SHA-3 submission SHAvite-3. We address the performance of SHAvite-3, and gather some implementation data, available at the moment. We then discuss some of the issues and results concerning the security of SHAvite-3. While we prove that the SHAvite-3 family offers secure hash functions, we also suggest a slightly tweaked version of SHAvite-3512 t...
متن کاملCryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512
In this paper, we analyze the SHAvite-3-512 hash function, as proposed and tweaked for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of 2 compression function e...
متن کاملThe SHAvite-3 Hash Function
In this document we present SHAvite-3, a secure and efficient hash function based on the HAIFA construction and the AES building blocks. SHAvite-3 uses a well understood set of primitives such as a Feistel block cipher which iterates a round function based on the AES round function. SHAvite-3’s compression functions are secure against cryptanalysis, while the selected mode of iteration offers m...
متن کاملThe SHAvite-3 Hash Function Tweaked Version
In this document we present SHAvite-3, a secure and efficient hash function based on the HAIFA construction and the AES building blocks. SHAvite-3 uses a well understood set of primitives such as a Feistel block cipher which iterates a round function based on the AES round function. SHAvite-3’s compression functions are secure against cryptanalysis, while the selected mode of iteration offers m...
متن کامل