Provable Security of BLAKE with Non-Ideal Compression Function

@inproceedings{Andreeva2011ProvableSO,
  title={Provable Security of BLAKE with Non-Ideal Compression Function},
  author={Elena Andreeva and Atul Luykx and Bart Mennink},
  booktitle={IACR Cryptology ePrint Archive},
  year={2011}
}
We analyze the security of the SHA-3 finalist BLAKE. The BLAKE hash function follows the HAIFA design methodology, and as such it achieves optimal preimage, second preimage and collision resistance, and is indifferentiable from a random oracle up to approximately 2 assuming the underlying compression function is ideal. In our work we show, however, that the compression function employed by BLAKE exhibits a nonrandom behavior and is in fact differentiable in only 2 queries. Our attack on the… CONTINUE READING
Highly Cited
This paper has 21 citations. REVIEW CITATIONS
14 Citations
19 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 14 extracted citations

References

Publications referenced by this paper.
Showing 1-10 of 19 references

Grøstl – a SHA-3 candidate (2011), submission to NIST’s SHA-3 competition

  • P. Gauravaram, L. Knudsen, +4 authors S. Thomsen
  • 2011
2 Excerpts

The Hash Function JH (2011), submission to NIST’s SHA-3 competition

  • H. Wu
  • 2011
1 Excerpt

The KECCAK sponge function family (2011), submission to NIST’s SHA-3 competition

  • G. Bertoni, J. Daemen, M. Peeters, G. Assche
  • 2011
2 Excerpts

The Skein Hash Function Family (2010), submission to NIST’s SHA-3 competition

  • N. Ferguson, S. Lucks, +5 authors J. Walker
  • 2010
2 Excerpts

Similar Papers

Loading similar papers…