This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ar to those in Khafre (see Section 13.7). Some rotations are thrown in, too. Originally Snefru was designed with two passes. Cryptanalysis of Snefru
Using differential cryptanalysis, Biham and Shamir demonstrated the insecurity of twopass Snefru (128bit hash value) [172]. Their attack finds pairs of messages that hash to the same value within minutes. Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 On 128bit Snefru, their attacks work better than brute force for four passes or less. A birthday attack against Snefru takes 264 operations; differential cryptanalysis can find a pair of messages that hash to the same value in 228.5 operations for threepass Snefru and 244.5 operations for fourpass Snefru. Finding a message that hashes to a given value by brute force requires 2128 operations; differential cryptanalysis takes 256 operations for threepass Snefru and 288 operations for fourpass Snefru. Although Biham and Shamir didn’t analyze 256bit hash values, they extended their analysis to 224bit hash values. Compared to a birthday attack that requires 2112 operations, they can find messages that hash to the same value in 212.5 operations for twopass Snefru, 233 operations for threepass Snefru, and 281 operations for fourpass Snefru. Currently, Merkle recommends using Snefru with at least eight passes [1073]. However, with this many passes the algorithm is significantly slower than either MD5 or SHA. 18.3 N Hash
NHash is an algorithm invented by researchers at Nippon Telephone and Telegraph, the same people who invented FEAL, in 1990 [1105, 1106]. NHash uses 128bit message blocks, a complicated randomizing function similar to FEAL’s, and produces a 128bit hash value. The hash of each 128bit block is a function of the block and the hash of the prev...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details