The new hash function MD6
MD6 is a hash algorithm with a variable digest length, developed by Professor Ronald Rivest of the Massachusetts Institute of Technology in September 2008. It is designed to create "fingerprints", or digests, of messages of arbitrary length. It is proposed as a replacement for the less than perfect MD5. According to the authors, the algorithm is resistant to differential cryptanalysis. MD6 is not sufficiently resistant to collisions of the first kind. It is used to verify the authenticity of published messages by comparing the digest of the message with the published one. This operation is called "hash verification" (hashcheck).

The predecessor, MD5, was created in 1991, when conventional processors ran at no more than 33 MHz. It was supposed to map a binary string of arbitrary length to a string of length d, to be resistant to collisions and to finding pre-images, and to be pseudorandom. After it was broken, the US National Institute of Standards and Technology (NIST) announced a competition to create the hash function SHA-3. The new function MD6 is supposed to be provably resistant to differential cryptanalysis (the technique by which MD5 was broken).

The developers used original ideas in the design of the hash function. The block of data processed at one time is 512 bytes (not bits), which makes many attacks harder and gives a gain from parallelization. Instead of the traditional Merkle-Damgård construction, compression using tree structures was used. At each node of the tree there is a 4-to-1 compression function (analogous to Merkle trees with a mini compression function). For small processors, sequential processing can be used instead of the hierarchical tree structure. MD6 also supports keyed hashing with a key of 512 bits. Various design features (the numbering of tree nodes and the root bit z at the input of the compression function) protect the function against insertion and extension attacks. Nonlinearity is achieved using only three simple operations: XOR, addition and shifts by constants.
The number of rounds of the function is unusually large: r = 40 + (d / 4). For a 256-bit output that is 104 rounds, and for 512 bits, 168 rounds! At the same time, MD6-512 is one and a half times slower than SHA2-512 on 32-bit platforms, and nearly four times for 6

MD6 on Wikipedia
The presentation shown at Crypto 2008
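The tree mode and round formula described above, as an added example that is not from the original post and is not MD6 itself: SHAKE256 stands in for the MD6 compression function, and the header layout and all function names are assumptions. It shows how binding the node number and the root bit z into every node keeps a digest from being reused as an interior chaining value.

```python
import hashlib
import struct

BLOCK = 512   # bytes consumed by one node (the page's 512-byte block)
CHAIN = 128   # bytes produced by one node, so four outputs fill one block (4-to-1)

def rounds(d: int) -> int:
    """Round count from the page: r = 40 + d/4 for a d-bit digest."""
    return 40 + d // 4

def compress(level: int, index: int, z: int, pad: int, d: int, block: bytes) -> bytes:
    """Stand-in node function (assumption: SHAKE256, not MD6's real round function).
    The node position, root flag z, padding count and digest size are bound in."""
    header = struct.pack(">BQBHH", level, index, z, pad, d)
    return hashlib.shake_256(header + block).digest(CHAIN)

def tree_hash(msg: bytes, d: int = 256) -> bytes:
    """Hash msg bottom-up through a 4-to-1 tree and return a d-bit digest."""
    level, data = 1, msg
    while True:
        blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)] or [b""]
        z = 1 if len(blocks) == 1 else 0          # only the root is compressed with z = 1
        data = b"".join(
            compress(level, i, z, BLOCK - len(b), d, b.ljust(BLOCK, b"\0"))
            for i, b in enumerate(blocks))
        if z:
            return data[-(d // 8):]               # digest = last d bits of the root output
        level += 1

def leaf_matches_digest(first: bytes, d: int = 1024) -> bool:
    """Is the full-width digest of `first` equal to the interior node that
    `first` would produce as block 0 of a longer message (where z = 0)?"""
    interior = compress(1, 0, 0, 0, d, first)
    return tree_hash(first, d) == interior

if __name__ == "__main__":
    a, b = b"A" * BLOCK, b"B" * BLOCK             # constructed sample blocks
    print(rounds(256), rounds(512))
    print(tree_hash(a + b).hex())
    print(leaf_matches_digest(a))
```
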