Re: [Lessfs-users] Choice of hash
Brought to you by:
mruijter
Menu
▾
▴
Re: [Lessfs-users] Choice of hash
|
From: Mark R. <mru...@gm...> - 2009-06-24 17:38:08
|
Hi Roy, As far as I can tell there are no known collisions for the full hash. Lessfs uses the full hash so there seems to be no reason to switch to a slower sha2 algorithm. Mark. -- Tiger is a cryptographic hash function with a 192-bit hash value. It was proposed by Anderson and Biham in 1996. Recently, weaknesses have been shown in round-reduced variants of the Tiger hash function. First, at FSE 2006, Kelsey and Lucks presented a collision attack on Tiger reduced to 16 and 17 (out of 24) rounds with a complexity of about 2^44 and a pseudo-near-collision for Tiger reduced to 20 rounds. Later, Mendel /et al./ extended this attack to a collision attack on Tiger reduced to 19 rounds with a complexity of about 2^62 . Furthermore, they show a pseudo-near-collision for Tiger reduced to 22 rounds with a complexity of about 2^44 . No attack is known for the full Tiger hash function. In this article, we show a pseudo-near-collision for the full Tiger hash function with a complexity of about 2^47 hash computations and a pseudo-collision (free-start-collision) for Tiger reduced to 23 rounds with the same complexity. |
