Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512

Praveen Gauravaram; Gaëtan Leurent; Florian Mendel; Maria Naya Plasencia; Thomas Peyrin; Christian Rechberger; Martin Schläffer

Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512

Praveen Gauravaram, Gaëtan Leurent, Florian Mendel, Maria Naya Plasencia, Thomas Peyrin, Christian Rechberger, Martin Schläffer

Research output: Contribution to journal › Conference article › Research › peer-review

242 Downloads (Pure)

Abstract

In this paper, we analyze SHAvite-3-512 hash function, as proposed for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of $2^{497}$ compression function evaluations and $2^{16}$ memory. For the full 14-round compression function, we give a chosen counter, chosen salt preimage attack with $2^{384}$ compression function evaluations and $2^{128}$ memory (or complexity $2^{448}$ without memory), and a collision attack with $2^{192}$ compression function evaluations and $2^{128}$ memory.

Original language	English
Book series	Lecture Notes in Computer Science
Volume	6055
Pages (from-to)	419-436
ISSN	0302-9743
Publication status	Published - 2010
Event	Third International Conference on Cryptology in Africa - Stellenbosch, South Africa Duration: 3 May 2010 → 6 May 2010 Conference number: 3

Conference

Conference	Third International Conference on Cryptology in Africa
Number	3
Country/Territory	South Africa
City	Stellenbosch
Period	03/05/2010 → 06/05/2010

Keywords

SHAvite-3-512
cryptanalysis
(second) preimage
collision

Access to Document

Voe main2Final published version, 252 KB

http://ehash.iaik.tugraz.at/wiki/SHAvite-3#Cryptanalysis

SFX availability

Full text

Cite this

@inproceedings{e137e93832594026a6ad3563bec3b405,

title = "Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512",

abstract = "In this paper, we analyze SHAvite-3-512 hash function, as proposed for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of $2^{497}$ compression function evaluations and $2^{16}$ memory. For the full 14-round compression function, we give a chosen counter, chosen salt preimage attack with $2^{384}$ compression function evaluations and $2^{128}$ memory (or complexity $2^{448}$ without memory), and a collision attack with $2^{192}$ compression function evaluations and $2^{128}$ memory.",

keywords = "SHAvite-3-512, cryptanalysis, (second) preimage, collision",

author = "Praveen Gauravaram and Ga{\"e}tan Leurent and Florian Mendel and Plasencia, {Maria Naya} and Thomas Peyrin and Christian Rechberger and Martin Schl{\"a}ffer",

year = "2010",

language = "English",

volume = "6055",

pages = "419--436",

journal = "Lecture Notes in Computer Science",

issn = "0302-9743",

publisher = "Springer",

note = "Third International Conference on Cryptology in Africa, Africacrypt 2010 ; Conference date: 03-05-2010 Through 06-05-2010",

}

Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512. / Gauravaram, Praveen; Leurent, Gaëtan; Mendel, Florian; Plasencia, Maria Naya; Peyrin, Thomas; Rechberger, Christian; Schläffer, Martin.

In: Lecture Notes in Computer Science, Vol. 6055, 2010, p. 419-436.

Research output: Contribution to journal › Conference article › Research › peer-review

TY - GEN

T1 - Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512

AU - Gauravaram, Praveen

AU - Leurent, Gaëtan

AU - Mendel, Florian

AU - Plasencia, Maria Naya

AU - Peyrin, Thomas

AU - Rechberger, Christian

AU - Schläffer, Martin

N1 - Conference code: 3

PY - 2010

Y1 - 2010

N2 - In this paper, we analyze SHAvite-3-512 hash function, as proposed for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of $2^{497}$ compression function evaluations and $2^{16}$ memory. For the full 14-round compression function, we give a chosen counter, chosen salt preimage attack with $2^{384}$ compression function evaluations and $2^{128}$ memory (or complexity $2^{448}$ without memory), and a collision attack with $2^{192}$ compression function evaluations and $2^{128}$ memory.

AB - In this paper, we analyze SHAvite-3-512 hash function, as proposed for round 2 of the SHA-3 competition. We present cryptanalytic results on 10 out of 14 rounds of the hash function SHAvite-3-512, and on the full 14 round compression function of SHAvite-3-512. We show a second preimage attack on the hash function reduced to 10 rounds with a complexity of $2^{497}$ compression function evaluations and $2^{16}$ memory. For the full 14-round compression function, we give a chosen counter, chosen salt preimage attack with $2^{384}$ compression function evaluations and $2^{128}$ memory (or complexity $2^{448}$ without memory), and a collision attack with $2^{192}$ compression function evaluations and $2^{128}$ memory.

KW - SHAvite-3-512

KW - cryptanalysis

KW - (second) preimage

KW - collision

M3 - Conference article

VL - 6055

SP - 419

EP - 436

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

T2 - Third International Conference on Cryptology in Africa

Y2 - 3 May 2010 through 6 May 2010

ER -

Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512

Abstract

Conference

Keywords

Access to Document

SFX availability

Fingerprint

Cite this