On security arguments of the second round SHA-3 candidates

Publication: Research - peer-reviewJournal article – Annual report year: 2012

Standard

On security arguments of the second round SHA-3 candidates. / Andreeva, Elena; Bogdanov, Andrey; Mennink, Bart; Preneel, Bart; Rechberger, Christian.

In: International Journal of Information Security, Vol. 11, No. 2, 2012, p. 103–120.

Publication: Research - peer-reviewJournal article – Annual report year: 2012

Harvard

APA

CBE

MLA

Vancouver

Author

Andreeva, Elena; Bogdanov, Andrey; Mennink, Bart; Preneel, Bart; Rechberger, Christian / On security arguments of the second round SHA-3 candidates.

In: International Journal of Information Security, Vol. 11, No. 2, 2012, p. 103–120.

Publication: Research - peer-reviewJournal article – Annual report year: 2012

Bibtex

@article{5829acd476a840779b4ba4136c7a348b,
title = "On security arguments of the second round SHA-3 candidates",
keywords = "SHA-3 competition, Hash functions, Classification, Security reductions, Differential attacks",
publisher = "Springer",
author = "Elena Andreeva and Andrey Bogdanov and Bart Mennink and Bart Preneel and Christian Rechberger",
year = "2012",
doi = "10.1007/s10207-012-0156-7",
volume = "11",
number = "2",
pages = "103–120",
journal = "International Journal of Information Security",
issn = "1615-5262",

}

RIS

TY - JOUR

T1 - On security arguments of the second round SHA-3 candidates

A1 - Andreeva,Elena

A1 - Bogdanov,Andrey

A1 - Mennink,Bart

A1 - Preneel,Bart

A1 - Rechberger,Christian

AU - Andreeva,Elena

AU - Bogdanov,Andrey

AU - Mennink,Bart

AU - Preneel,Bart

AU - Rechberger,Christian

PB - Springer

PY - 2012

Y1 - 2012

N2 - In 2007, the US National Institute for Standards and Technology (NIST) announced a call for the design of a new cryptographic hash algorithm in response to vulnerabilities like differential attacks identified in existing hash functions, such as MD5 and SHA-1. NIST received many submissions, 51 of which got accepted to the first round. 14 candidates were left in the second round, out of which five candidates have been recently chosen for the final round.<br/>An important criterion in the selection process is the SHA-3 hash function security. We identify two important classes of security arguments for the new designs: (1) the possible reductions of the hash function security to the security of its underlying building blocks and (2) arguments against differential<br/>attack on building blocks. In this paper, we compare the state of the art provable security reductions for the second round candidates and review arguments and bounds against classes of differential attacks.We discuss all the SHA-3 candidates at a high functional level, analyze, and summarize the security reduction results and bounds against differential attacks. Additionally, we generalize the well-known proof of collision resistance preservation, such that all SHA-3 candidates with a suffix-free padding are covered.

AB - In 2007, the US National Institute for Standards and Technology (NIST) announced a call for the design of a new cryptographic hash algorithm in response to vulnerabilities like differential attacks identified in existing hash functions, such as MD5 and SHA-1. NIST received many submissions, 51 of which got accepted to the first round. 14 candidates were left in the second round, out of which five candidates have been recently chosen for the final round.<br/>An important criterion in the selection process is the SHA-3 hash function security. We identify two important classes of security arguments for the new designs: (1) the possible reductions of the hash function security to the security of its underlying building blocks and (2) arguments against differential<br/>attack on building blocks. In this paper, we compare the state of the art provable security reductions for the second round candidates and review arguments and bounds against classes of differential attacks.We discuss all the SHA-3 candidates at a high functional level, analyze, and summarize the security reduction results and bounds against differential attacks. Additionally, we generalize the well-known proof of collision resistance preservation, such that all SHA-3 candidates with a suffix-free padding are covered.

KW - SHA-3 competition

KW - Hash functions

KW - Classification

KW - Security reductions

KW - Differential attacks

U2 - 10.1007/s10207-012-0156-7

DO - 10.1007/s10207-012-0156-7

JO - International Journal of Information Security

JF - International Journal of Information Security

SN - 1615-5262

IS - 2

VL - 11

SP - 103

EP - 120

ER -