Paper 2009/026

Collision Attacks on NaSHA-384/512

Zhimin Li, Licheng Wang, Daofeng Li, Yixian Yang

Abstract

NaSHA is a family of hash functions submitted by Markovski and Mileva as a SHA-3 candidate. In this paper, we present a collision attack on the hash function NaSHA for the output sizes 384-bit and 512-bit. This attack is based on the the weakness in the generate course of the state words and the fact that the quasigroup operation used in the compression function is only determined by partial state words. Its time complexity is about $2^{128}$ with negligible memory and its probability is more than $(1- \frac{2}{{2^{64} - 1}})^2$ ($\gg \frac{1}{2}$). This is currently by far the best known cryptanalysis result on this SHA-3 candidate.