You are looking at a specific version 20131129:185006 of this paper. See the latest version.

Paper 2013/467

Analysis of BLAKE2

Jian Guo and Pierre Karpman and Ivica Nikolic and Lei Wang and Shuang Wu

Abstract

We present a thorough security analysis of the hash function family BLAKE2, a recently proposed and already in use tweaked version of the SHA-3 finalist BLAKE. We study how existing attacks on BLAKE apply to BLAKE2 and to what extent the modifications impact the attacks. We design and run two improved searches for (impossible) differential attacks — the outcomes suggest higher number of attacked rounds in the case of impossible differentials (in fact we improve the best results for BLAKE as well), and slightly higher for the differential attacks on the hash/compression function (which gives an insight into the quality of the tweaks). We emphasize the importance of each of the modifications, in particular we show that an improper initialization could lead to collisions and near-collisions for the full-round compression function. We analyze the permutation of the new hash function and give rotational attacks and internal differentials for the whole design. We conclude that the tweaks in BLAKE2 were chosen properly and, despite having weaknesses in the theoretical attack frameworks of permutations and of fully-chosen state input compression functions, the hash function of BLAKE2 has only slightly lower security margin than BLAKE.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Major revision. CT-RSA 2014
Keywords
BLAKE2BLAKEhash functionrotational cryptanalysisimpossible differential cryptanalysisdifferential cryptanalysisinternal differentialiterative differential
Contact author(s)
ntu guo @ gmail com
History
2014-04-26: last of 5 revisions
2013-08-02: received
See all versions
Short URL
https://ia.cr/2013/467
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.