The MAELSTROM-0 Hash Function
In this paper we present MAELSTROM-0, an evolution of the WHIRLPOOL hash function with variable output length up to 512 bits. As its predecessor, MAELSTROM-0 is not oriented towards any particular platform, but its implementation flexibility facilitates exploiting the features of each underlying environment. On the other hand, the improved design of MAELSTROM-0 makes it faster and arguably more robust than its predecessor and other existing hash functions. By incorporating the state-of-the-art in the design of cryptographically secure hash functions, MAELSTROM-0 not only constitutes a new primitive per se, but also provides an initial assessment on what the minimum requirements for NIST’s “Advanced Hash Standard” might be, and might serve as a valuable comparison tool for future AHS proposals in terms of security, efficiency, and flexibility.
Bellare, M. and Rogaway, P. (1993). Random oracles are practical: A paradigm for designing efficient protocols. In ACM Conference on Computer and Communications Security, pages 62–73, Fairfax, USA. ACM Press.
Biham, E. (2005). Recent advances in hash functions: The way to go. In ECRYPT Conference on Hash Functions. European Network of Excellence for Cryptology – ECRYPT. Invited talk, http://www.cs.technion.ac.il/~biham/Reports/Slides/hash-func-krakow-2005.ps.gz.
Black, J., Rogaway, P., and Shrimpton, T. (2002). Black-box analysis of the blockcipher-based hash-function constructions from PGV. In Advances in Cryptology – Crypto’2002, volume 2442 of Lecture Notes in Computer Science, pages 320–335. Springer.
Boneh, D. and Boyen, X. (2004). Efficient selective-id secure identity based encryption without random oracles. In Advances in Cryptology – Eurocrypt’2004, volume 3027 of Lecture Notes in Computer Science, pages 223–238. Springer.
Daemen, J. (1995). Cipher and Hash Function Design. Ph.D. thesis, Katholieke Universiteit Leuven.
Gauravaram, P., Millan, W., Dawson, E., and Viswanathan, K. (2006). Constructing secure hash functions by enhancing Merkle-Damgård construction. In Australasian Conference on Information Security and Privacy – ACISP’2006, Lecture Notes in Computer Science. Springer. To appear.
ISO/IEC (2004). ISO/IEC 10118-3:2004 Standard – Information technology – Security techniques – Hash-functions – Part 3: Dedicated hash-functions. ISO/IEC.
Kelsey, J. and Schneier, B. (2004). Second preimages on n-bit hash functions for much less than 2n work. In Advances in Cryptology – Eurocrypt’2004, volume 3494 of Lecture Notes in Computer Science, pages 474–490. Springer.
Kitsos, P. and Koufopavlou, O. (2004). Efficient architecture and hardware implementation of the Whirlpool hash function. IEEE Transactions on Consumer Electronics, 50:208–213.
Klima, V. (2006). Tunnels in hash functions: MD5 collisions within a minute. Cryptology ePrint Archive, Report 2006/105. http://eprint.iacr.org/2006/105.
Kohno, T. and Kelsey, J. (2006). Herding hash functions and the nostradamus attack. In Advances in Cryptology – Eurocrypt’2006, Lecture Notes in Computer Science. Springer. To appear.
Lidl, R. and Niederreiter, H. (1997). Finite Fields. Number 20 in Encyclopedia of Mathematics and its Applications. Cambridge University Press, Cambridge, UK, 2nd edition.
MacWilliams, F. J. and Sloane, N. J. A. (1977). The theory of error-correcting codes, volume 16. North-Holland Mathematical Library.
Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A. (1999). Handbook of Applied Cryptography. CRC Press, Boca Raton, USA.
Nakajima, J. and Matsui, M. (2002). Performance analysis and parallel implementation of dedicated hash functions. In Advances in Cryptology – Eurocrypt’2002, volume 2332 of Lecture Notes in Computer Science, pages 165–180. Springer.
NIST (2000). Federal Information Processing Standard (FIPS 186-2) – Digital Signature Standard (DSS). National Institute of Standards and Technology – NIST.
NIST (2001). Federal Information Processing Standard (FIPS 197) – Advanced Encryption Standard (AES). National Institute of Standards and Technology – NIST.
Pramstaller, N., Rechberger, C., and Rijmen, V. (2006). A compact FPGA implementation of the hash function Whirlpool. In International Symposium on Field Programmable Gate Arrays – FPGA’2006, pages 159–166. ACM.
Rijmen, V. (1997). Cryptanalysis and design of iterated block ciphers. Ph.D. thesis, Katholieke Universiteit Leuven.
Rogaway, P. and Shrimpton, T. (2004). Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In Fast Software Encryption – FSE’2004, volume 3017 of Lecture Notes in Computer Science, pages 371–388. Springer.
Vaudenay, S. (1996). Hidden collisions on DSS. In Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 83–88, Santa Barbara, USA. Advances in Cryptology – Crypto’96, Springer-Verlag.
Wang, X., Lai, X., Feng, D., Chen, H., and Yu, X. (2005a). Cryptanalysis of the hash functions MD4 and RIPEMD. In Advances in Cryptology – Eurocrypt’2005, volume 3494 of Lecture Notes in Computer Science, pages 1–18. Springer.
Wang, X., Yin, Y. L., and Yu, H. (2005b). Efficient collision search attacks on SHA-0. In Advances in Cryptology – Crypto’2005, volume 3621 of Lecture Notes in Computer Science, pages 1–16. Springer.
Wang, X. and Yu, H. (2005). How to break MD5 and other hash functions. In Advances in Cryptology – Eurocrypt’2005, volume 3494 of Lecture Notes in Computer Science, pages 19–35. Springer.