SMASH is a cryptographic hash function which was created by Lars R. Knudsen.[3] SMASH comes in two versions: 256-bit and 512-bit. Each version was supposed to rival SHA-256 and SHA-512, respectively, however, shortly after the SMASH presentation at FSE 2005, an attack vector against SMASH was discovered which left the hash broken.
General | |
---|---|
Designers | Lars R. Knudsen |
First published | 2005 |
Detail | |
Digest sizes | 256 or 512 bits |
Best public cryptanalysis | |
Collision,[1] Second Preimage[2] |
Specifications
editThe message length was limited to less than 2128 for SMASH-256 and 2256 for SMASH-512.
Definition
editInput: 256/512-bit message blocks and
The function f is a complex compression function consisting of H-Rounds and L-Rounds using S-boxes, linear diffusion and variable rotations, details can be found here [3]
Details
editThe S-boxes in SMASH are derived versions from the Serpent ones.
References
edit- ^ Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). "Breaking a New Hash Function Design Strategy Called SMASH". Selected Areas in Cryptography. Lecture Notes in Computer Science. Vol. 3897. pp. 233–244. doi:10.1007/11693383_16. ISBN 978-3-540-33108-7.
- ^ Lamberger, Mario; Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). "Second Preimages for SMASH". Topics in Cryptology – CT-RSA 2007. Lecture Notes in Computer Science. Vol. 4377. pp. 101–111. doi:10.1007/11967668_7. ISBN 978-3-540-69327-7.
- ^ a b Knudsen, Lars R.: SMASH - A Cryptographic Hash Function, Accessed 23 November 2009