Paper 2010/091

Distinguishers for the Compression Function and Output Transformation of Hamsi-256

Jean-Philippe Aumasson, Emilia Käsper, Lars Ramkilde Knudsen, Krystian Matusiewicz, Rune Odegaard, Thomas Peyrin, and Martin Schläffer

Abstract

Hamsi is one of 14 remaining candidates in NIST's Hash Competition for the future hash standard SHA-3. Until now, little analysis has been published on its resistance to differential cryptanalysis, the main technique used to attack hash functions. We present a study of Hamsi's resistance to differential and higher-order differential cryptanalysis, with focus on the 256-bit version of Hamsi. Our main results are efficient distinguishers and near-collisions for its full (3-round) compression function, and distinguishers for its full (6-round) finalization function, indicating that Hamsi's building blocks do not behave ideally.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. To appear in proceedings of ACISP 2010
Keywords
hash functionsdifferential cryptanalysisSHA-3
Contact author(s)
emilia kasper @ esat kuleuven be
History
2010-04-24: revised
2010-02-22: received
See all versions
Short URL
https://ia.cr/2010/091
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2010/091,
      author = {Jean-Philippe Aumasson and Emilia Käsper and Lars Ramkilde Knudsen and Krystian Matusiewicz and Rune Odegaard and Thomas Peyrin and Martin Schläffer},
      title = {Distinguishers for the Compression Function and Output Transformation of Hamsi-256},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/091},
      year = {2010},
      url = {https://eprint.iacr.org/2010/091}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.