Back to personal page

 

Blue Midnight Wish and NIST SHA-3 contest

·         I am one of the inventors of Blue Midnight Wish and one of the contributors of EDON-R hash functions in this contest. Blue Midnight Wish passed to the second round, it is the fastest from 14 candidates. It is a pity that BMW wasn"t selected into the final round.

NIST Cryptographic Hash Algorithm Competition:

·         Main page is NIST SHA-3 contest. Unofficial pages: Zoo, wiki page, list of submitters, SW performance on eBASH, HW results, Niels Ferguson comparison.

·         On Oct. 31, 2008 - deadline for sending proposals. NIST received 64 entries.

·         On Dec.10, 2008 NIST accepted 51 First Round Candidates.

·         On Feb. 25-28, 2009 The First SHA-3 Candidate Conference was held in Leuven. 

·         On July 24, 2009 NIST selected the following 14 Second Round Candidates to continue in the competition: BLAKE, Blue Midnight Wish, CubeHash, ECHO, Fugue, Grøstl, Hamsi, JH, Keccak, Luffa, Shabal, SHAvite-3, SIMD, Skein. Submitters were invited to tweak their submissions by Sept. 15, 2009.

·         On September 28, 2009 NIST has published the tweaked versions of the algorithms on their page. Nice summary of the tweaks is here.

·         NIST report summarizing the first round of the competition, and the selection of the second round candidates, is here.

·         Danilo Gligoroski showed that narrow-pipe SHA-3 candidates BLAKE, Hamsi, SHAvite-3 and Skein differ significantly from ideal random functions defined over big domains in "Narrow-pipe SHA-3 candidates differ significantly from ideal random functions defined over big domains", pdf.

·         Vlastimil Klima, Danilo Gligoroski: Generic collision attacks on narrow-pipe hash functions faster than birthday paradox, applicable to MDx, SHA-1, SHA-2, and SHA-3 narrow-pipe candidates, IACR eprint, Report 2010/430, pdf.

·         Danilo Gligoroski, Vlastimil Klima: Practical consequences of the aberration of narrow-pipe hash designs from ideal random functions, IACR eprint, Report 2010/384, pdf.

·         Danilo Gligoroski, Vlastimil Klima: Practical consequences of the aberration of narrow-pipe hash designs from ideal random functions, Proceedings of Information on ICT Innovations 2010, Sept. 12 - 15, Ohrid, R. Macedonia, Springer, Berlin, Heidelberg, 2010, pp. xx - xx,

·         the Second SHA-3 Candidate Conference, August 23-24, 2010,

·         We showed that many strong candidates with narrow-pipe design do not suffer from length extension attack with demanded theoretical complexity and other consequences, in  Danilo Gligoroski, Vlastimil Klima: Why narrow-pipe cryptographic hash functions are not a match to wide-pipe cryptographic hash functions?, SantaCrypt 2010, Dec. 2-3, 2009, Prague, Czech Republic, Proceedings of SantaCrypt 2010, ISBN xx, pp. xx, pdf.

·         NIST announced 5 finalists on December 9, 2010. BMW didn't pass to the final round, even if it was the fastest candidate.

·         On Feb. 16, 2011 NIST published the report on the selection proces. The report doen't contain the reasons why three strong candidates were not selected. Instead the outsider JH algorithm passed into the finale, even if it was assumed broken (before Dec. 9,2010), see Zoo.

 

Blue Midnight Wish:

·         team homepage

·         Blue Midnight Wish, the first version, Oct. 2008, description, homepage, presentation at the First SHA-3 Candidate Conference, Feb. 25-28, 2009,

·         Danilo Gligoroski, Vlastimil Klima, Svein J. Knapskog, Mohamed El-Hadedy, Jorn Amundsen, Stig F. Mjolsnes: Cryptographic Hash Function Blue Midnight Wish,  the second version, September 15, 2009, description, reference implementation, the whole submission package, homepage, differences from the first version, presentation at the First SHA-3 Candidate Conference, Feb. 25-28, 2009

Cryptanalysis:

·         BMW team: A framework for Measuring and Evaluating the Progress of the Cryptanalysis of the Hash Function Blue Midnight Wish, November 15, 2010, pdf.

·         Søren S. Thomsen: A near-collision attack on the Blue Midnight Wish compression function, 2008, pdf ver. 2.0,

·         Danilo Gligoroski, Vlastimil Klima: On the Computational Asymmetry of the S-boxes Present in Blue Midnight Wish Cryptographic Hash Function, in Danco Davcev and Jorge Marx Gomez (eds): ICT Innovations 2009, Springer, Berlin, Heidelberg, 2010, pp. 391 - 400, Information on ICT Innovations 2009, Sept. 28 - 30, Ohrid, R. Macedonia, pdf,  

·         Danilo Gligoroski, Vlastimil Klima, On Blue Midnight Wish Decomposition, SantaCrypt 2009, Dec. 3-4, 2009, Prague, Czech Republic, Proceedings of SantaCrypt 2009, ISBN 978-80-904257-0-5, pp. 41-51, pdf.

·         Søren S. Thomsen: Pseudo-cryptanalysis of Blue Midnight Wish, April 16, 2009, pdf.

·         Gaëtan Leurent and Søren S. Thomsen: Practical Partial-Collisions on the Compression Function of BMW, pdf.

·         The Blue Midnight Wish team: A Comment on Leurent and Thomsen work - New Distinguisher on BMW compression function, November 16, 2010, pdf.

·         Ali Doğanaksoy, Barış Ege, Onur Koçak and Fatih Sulak : Statistical Analysis of Reduced Round Compression Functions of SHA-3 Second Round Candidates, eprint IACR report 2010/611 ( PDF )

Implementations:

·         Mohamed El Hadedy, Danilo Gligoroski and Svein J. Knapskog : Single Core Implementation of Blue Midnight Wish Hash Function on VIRTEX 5 Platform , eprint IACR report 2010/571 ( PDF )

·         Mourad Gouicem : Comparison of seven SHA-3 candidates software implementations on smart cards, eprint IACR report 2010/531 ( PDF )

·         Xu Guo, Sinan Huang, Leyla Nazhandali and Patrick Schaumont: On The Impact of Target Technology in SHA-3 Hardware Benchmark Rankings, eprint IACR report 2010/531 ( PDF )

My other contributions to the  SHA-3 contest:

·         Vlastimil Klima, Danilo Gligoroski: Generic collision attacks on narrow-pipe hash functions faster than birthday paradox, applicable to MDx, SHA-1, SHA-2, and SHA-3 narrow-pipe candidates, IACR eprint, Report 2010/430, pdf.

·         Danilo Gligoroski, Vlastimil Klima: Practical consequences of the aberration of narrow-pipe hash designs from ideal random functions, IACR eprint, Report 2010/384, pdf.

·         Danilo Gligoroski, Rune Steinsmo Ødegård, Marija Mihova, Svein Johan Knapskog, Ljupco Kocarev, Aleš Drápal, Vlastimil Klima: Cryptographic Hash Function EDON-R, description, homepage, the whole submission package (Jan 12, 2009), presentation at the First SHA-3 Candidate Conference on February 25-28, 2009,

·         Vlastimil Klima: Dynamic SHA is vulnerable to generic attacks, letter, Dec. 14, 2008,

·         Vlastimil Klima: Dynamic SHA2 is vulnerable to generic attacks, letter, Dec. 14, 2008,

·         Vlastimil Klima: A near-collision attack on BLENDER, letter, official paper, Dec. 19, 2008,

·         Vlastimil Klima: Huge multicollisions and multipreimages of hash functions BLENDER-n, IACR eprint Report 2009/006, local copy: paper_EN, paper_CZ, Jan. 2, 2009

·         Vlastimil Klima: Multicollisions of EDON-R hash function and other observations, November 2008, pdf,

·         Vlastimil Klima and Petr Susil: A Note on Linear Approximations of BLUE MIDNIGHT WISH Cryptographic Hash Function, Cryptology ePrint Archive: Report 2009/453, Sept. 15, 2009