Paper 2009/026

Collision Attacks on NaSHA-384/512

Zhimin Li, Licheng Wang, Daofeng Li, and Yixian Yang


NaSHA is a family of hash functions submitted by Markovski and Mileva as a SHA-3 candidate. In this paper, we present a collision attack on the hash function NaSHA for the output sizes 384-bit and 512-bit. This attack is based on the the weakness in the generate course of the state words and the fact that the quasigroup operation used in the compression function is only determined by partial state words. Its time complexity is about $2^{128}$ with negligible memory and its probability is more than $(1- \frac{2}{{2^{64} - 1}})^2$ ($\gg \frac{1}{2}$). This is currently by far the best known cryptanalysis result on this SHA-3 candidate.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Hash functionNaSHA-384NaSHA-512collision attack
Contact author(s)
lizhimin1981 @ gmail com
2009-06-16: last of 2 revisions
2009-01-14: received
See all versions
Short URL
Creative Commons Attribution


      author = {Zhimin Li and Licheng Wang and Daofeng Li and Yixian Yang},
      title = {Collision Attacks on NaSHA-384/512},
      howpublished = {Cryptology ePrint Archive, Paper 2009/026},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.