Changes between Version 35 and Version 36 of Bibliography


Ignore:
Timestamp:
2009-03-05T03:52:17Z (15 years ago)
Author:
zooko
Comment:

further notes about insecurity of EnRUPT

Legend:

Unmodified
Added
Removed
Modified
  • Bibliography

    v35 v36  
    1212[http://cr.yp.to/chacha.html ChaChaCha20] even better stream cipher; It is probably slightly safer than Salsa and it is certainly slightly faster.
    1313
    14 [http://enrupt.com EnRUPT] a very simple, fast, and flexible primitive which could be used as stream cipher, secure hash function, or MAC (the first two are primitives that we currently need, and the third one -- MAC -- is a primitive that we may want in the future) and which relies for its security on a large number of rounds.  The question of how many rounds to use is decided by semi-automated cryptanalysis.  (Note: the stream-hash version of enRUPT, known as "irRUPT" has been shown to be insecure in the SHA-3 contest when used with the number of rounds originally recommended.  The traditional Merkle-Damgard variant -- mdRUPT -- is probably secure.  Also irRUPT is probably secure, and still reasonably fast, with a few more rounds.)
     14[http://enrupt.com EnRUPT] a very simple, fast, and flexible primitive which could be used as stream cipher, secure hash function, or MAC (the first two are primitives that we currently need, and the third one -- MAC -- is a primitive that we may want in the future) and which relies for its security on a large number of rounds.  The question of how many rounds to use is decided by semi-automated cryptanalysis.  (Note: the SHA-3 candidate version of EnRUPT in stream hashing mode was insecure.  The current block cipher mode is insecure.  There is a minor change (use a few more rounds) which is thought to fix the stream hashing mode.  The author is apparently working on a fix for the block cipher mode.)
    1515
    1616[https://online.tu-graz.ac.at/tug_online/voe_main2.getvolltext?pDocumentNr=81263 Cryptanalysis of the Tiger Hash Function] by Mendel and RIjmen