SMASH (hash)

From BitcoinWiki

This is the approved revision of this page, as well as being the most recent.

Jump to: navigation, search

SMASH is a cryptographic hash function which was created by Lars R. Knudsen. SMASH comes in two versions: 256-bit and 512-bit. Each version was supposed to rival SHA-256 and SHA-512, respectively, however, shortly after the SMASH presentation at FSE 2005, an attack vector against SMASH was discovered which left the hash broken.

Contents

1 Specifications
2 Definition
3 Details
4 Source
5 See Also on BitcoinWiki

Specifications[edit]

The message length was limited to less than 2¹²⁸ for SMASH-256 and 2²⁵⁶ for SMASH-512.

Definition[edit]

Input: 256/512-bit message blocks $m_1, m_2, ... ,m_t$ and $\theta \in GF(2^n)$

$h_0 = f(iv) \oplus iv$
$h_i = h(h_{i-1},m_i) = f(h_{i_1}\oplus m_i) \oplus m_i \oplus \theta m_i$
$h_{t+1} = f(h_t) \oplus h_t$

The function f is a complex compression function consisting of H-Rounds and L-Rounds using S-boxes, linear diffusion and variable rotations.

Details[edit]

The S-boxes in SMASH are derived versions from the Serpent ones.

Source[edit]

http://wikipedia.org/

See Also on BitcoinWiki[edit]

Retrieved from "https://en.bitcoinwiki.org/index.php?title=SMASH_(hash)&oldid=376976"