12/2/13 The SHA-3 Zoo - The ECRYPT Hash Function Website

ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo 1/4

The SHA-3 Zoo

From The ECRYPT Hash Function Website

The SHA-3 Zoo (work in progress) is a collection of cryptographic hash functions (in alphabetical order) submittedto the SHA-3 contest (http://www.nist.gov/hash-competition) (see also here (http://en.wikipedia.org/wiki/SHA-3)). It aims to provide an overview of design and cryptanalysis of all submissions. A list of all SHA-3 submitters isalso available. For a software performance related overview, see eBASH (http://bench.cr.yp.to/ebash.html) . At aseparate page, we also collect hardware implementation results of the candidates. Another categorization of theSHA-3 submissions can be found here (http://eprint.iacr.org/2008/511.pdf) .

The idea of the SHA-3 Zoo is to give a good overview of cryptanalytic results. We try to avoid additionaljudgement whether a submission is broken. The answer to this question is left to NIST. However, we categorize thecryptanalytic results by their impact from very theoretic to practical attacks. A detailed description is given inCryptanalysis Categories.

At this time, 56 out of 64 submissions to the SHA-3 competition are publicly known and available. 51 submissionshave advanced to round 1 (http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/index.html) , 14 submissions havemade it into round 2 (http://csrc.nist.gov/groups/ST/hash/sha-3/Round2/index.html) and 5 candidates have beenselected for the final (http://csrc.nist.gov/groups/ST/hash/sha-3/Round3/index.html) .

The following tables give a first impression on the cryptanalysis of the SHA-3 candidates. The tables only show thebest known attack, more detailed results are collected at the individual hash function pages. A description of themain table is given here.

Recent updates of the SHA-3 Zoo (http://ehash.iaik.tugraz.at/index.php?title=Special:Recentchangeslinked&target=The_SHA-3_Zoo&days=7&limit=50&hideminor=1) (Your analysis isnot mentioned? Drop a line at sha3zoo@iaik.tugraz.at (mailto:sha3zoo@iaik.tugraz.at) to let us know!)

Keccak has been selected as the SHA-3 standard:

Hash Name Principal SubmitterBest Attack on Main

NIST Requirements

Best Attack on other

Hash Requirements

Keccak The Keccak Team

The other 4 finalists of the SHA-3 competition are:

Hash Name Principal SubmitterBest Attack on Main

NIST Requirements

Best Attack on other

Hash Requirements

BLAKE

12/2/13 The SHA-3 Zoo - The ECRYPT Hash Function Website

ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo 2/4

Jean-Philippe Aumasson

Grstl Lars R. Knudsen

JH Hongjun Wu preimage

Skein Bruce Schneier

The following SHA-3 candidates advanced to round 2 but did not get into the final:

Round 2 tweaks for all candidates (http://ehash.iaik.tugraz.at/uploads/c/ce/20090922-2230_SHA-3_round2_tweaks.pdf)

Hash Name Principal SubmitterBest Attack on Main

NIST Requirements

Best Attack on other

Hash Requirements

Blue Midnight Wish Svein Johan Knapskog

CubeHash Daniel J. Bernstein preimage

ECHO Henri Gilbert

Fugue Charanjit S. Jutla

Hamsi zgl Kk

Luffa Dai Watanabe

Shabal Jean-Franois Misarsky

SHAvite-3 Orr Dunkelman

SIMD Gatan Leurent

The following submitted hash functions have not advanced to round 2:

Hash Name Principal Submitter StatusBest Attack on Main

NIST Requirements

Best Attack onother Hash

Requirements

Abacus Neil Sholer in round 1 2nd-preimage

ARIRANG Jongin Lim in round 1

12/2/13 The SHA-3 Zoo - The ECRYPT Hash Function Website

ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo 3/4

AURORA Masahiro Fujita in round 1 2nd preimage

Blender Colin Bradbury in round 1 collision, preimage near-collision

Boole Greg Rose in round 1 collision

Cheetah Dmitry Khovratovich in round 1 length-extension

CHI Phillip Hawkes in round 1

CRUNCH Jacques Patarin in round 1 length-extension

DCH David A. Wilson in round 1 collision

Dynamic SHA Xu Zijie in round 1 collision length-extension

Dynamic SHA2 Xu Zijie in round 1 collision length-extension

ECOH Daniel R. L. Brown in round 1 2nd preimage

Edon-R Danilo Gligoroski in round 1 preimage

EnRUPT Sean O'Neil in round 1 collision

ESSENCE Jason Worth Martin in round 1 collision

FSB Matthieu Finiasz in round 1

HASH 2X Jason Lee not in round 1 2nd-preimage

Khichidi-1 M. Vidyasagar in round 1 collision

LANE Sebastiaan Indesteege in round 1

Lesamnta Hirotaka Yoshida in round 1

LUX Ivica Nikoli in round 1 collision, 2nd preimage DRBG,HMAC

Maraca Robert J. Jenkins not in round 1 preimage

MCSSHA-3 Mikhail Maslennikov in round 1 2nd preimage

MD6 Ronald L. Rivest in round 1

MeshHash Bjrn Fay in round 1 2nd preimage

NaSHA Smile Markovski in round 1 collision

NKS2D Geoffrey Park not in round 1 collision

Ponic Peter Schmidt-Nielsen not in round 1 2nd-preimage

SANDstorm Rich Schroeppel in round 1

Sarmal Kerem Varc in round 1 preimage

Sgil Peter Maxwell in round 1 collision

12/2/13 The SHA-3 Zoo - The ECRYPT Hash Function Website

ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo 4/4

SHAMATA Orhun Kara in round 1 collision

Spectral Hash etin Kaya Ko in round 1 collision

StreamHash Michal Trojnara in round 1 collision

SWIFFTX Daniele Micciancio in round 1

Tangle Rafael Alvarez in round 1 collision

TIB3 Daniel Penazzi in round 1 collision

Twister Michael Gorski in round 1 preimage

Vortex Michael Kounavis in round 1 preimage

WaMM John Washburn in round 1 collision

Waterfall Bob Hattersley in round 1 collision

ZK-Crypt Carmi Gressel not in round 1

Retrieved from "http://ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo"

This page was last modified on 28 January 2013, at 14:32.