Updates on SHAvite-3
نویسندگان
چکیده
In this paper we present the current state of the SHA-3 submission SHAvite-3. We address the performance of SHAvite-3, and gather some implementation data, available at the moment. We then discuss some of the issues and results concerning the security of SHAvite-3. While we prove that the SHAvite-3 family offers secure hash functions, we also suggest a slightly tweaked version of SHAvite-3512 to offer a larger security margins.
منابع مشابه
The SHAvite-3 Hash Function
In this document we present SHAvite-3, a secure and efficient hash function based on the HAIFA construction and the AES building blocks. SHAvite-3 uses a well understood set of primitives such as a Feistel block cipher which iterates a round function based on the AES round function. SHAvite-3’s compression functions are secure against cryptanalysis, while the selected mode of iteration offers m...
متن کاملThe SHAvite-3 Hash Function Tweaked Version
In this document we present SHAvite-3, a secure and efficient hash function based on the HAIFA construction and the AES building blocks. SHAvite-3 uses a well understood set of primitives such as a Feistel block cipher which iterates a round function based on the AES round function. SHAvite-3’s compression functions are secure against cryptanalysis, while the selected mode of iteration offers m...
متن کاملChanges in the SHAvite-3 Submission Package
This document lists the different modifications done in the SHAvite-3 submission package, including the tweak suggested for SHAVite-3. The changes summarized in this report were divided according to their cause, to facilitate an easy evaluation of the changes. All the locations are given with respect to the version submitted to NIST on January 15th, 2009. 1 Tweak Related Changes As mentioned in...
متن کاملCryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512
In this paper, we analyze the SHAvite-3-512 hash function, as proposed and tweaked for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of 2 compression function e...
متن کاملAnalysis of Reduced-SHAvite-3-256 v2
In this article, we provide the first independent analysis of the (2-round tweaked) 256-bit version of the SHA-3 candidate SHAvite-3. By leveraging recently introduced cryptanalysis tools such as rebound attack or Super-Sbox cryptanalysis, we are able to derive chosen-related-salt distinguishing attacks on the compression function on up to 8 rounds (12 rounds in total) and free-start collisions...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010