eprint.iacr.org will be offline for approximately an hour for routine maintenance again at 10pm UTC on Wednesday, April 17.

Paper 2009/634

Attacks on Hash Functions based on Generalized Feistel - Application to Reduced-Round Lesamnta and SHAvite-3_{512}

Charles Bouillaguet, Orr Dunkelman, Gaëtan Leurent, and Pierre-Alain Fouque


In this paper we study the strength of two hash functions which are based on Generalized Feistels. Our proposed attacks themselves are mostly independent of the round function in use, and can be applied to similar hash functions which share the same structure but have different round functions. We start with a 22-round generic attack on the structure of Lesamnta, and adapt it to the actual round function to attack 24-round Lesamnta. We then show a generic integral attack on 20-round Lesamnta (which can be used against the block cipher itself). We follow with an attack on 9-round SHAvite-3_{512} which is the first cryptanalytic result on the hash function (which also works for the tweaked version of SHAvite-3_{512}).

Note: Previous upload was broken...

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
LesamntaSHAvite-3Cancellation Attack
Contact author(s)
orr dunkelman @ weizmann ac il
charles bouillaguet @ ens fr
gaetan leurent @ ens fr
2010-08-22: last of 2 revisions
2010-01-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Charles Bouillaguet and Orr Dunkelman and Gaëtan Leurent and Pierre-Alain Fouque},
      title = {Attacks on Hash Functions based on Generalized Feistel - Application to Reduced-Round Lesamnta and SHAvite-3_{512}},
      howpublished = {Cryptology ePrint Archive, Paper 2009/634},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/634}},
      url = {https://eprint.iacr.org/2009/634}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.