An observation on the security of McEliece's public-key cryptosystem
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
The art of computer programming, volume 3: (2nd ed.) sorting and searching
The art of computer programming, volume 3: (2nd ed.) sorting and searching
The Area-Time Complexity of Binary Multiplication
Journal of the ACM (JACM)
Proceedings of the 3rd International Colloquium on Coding Theory and Applications
Proceedings of the 3rd International Colloquium on Coding Theory and Applications
A Generalized Birthday Problem
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Syndrome Based Collision Resistant Hashing
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
New AES Software Speed Records
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Proceedings of the twentieth Annual ACM-SIAM Symposium on Discrete Algorithms
19th ACM-SIAM Symposium on Discrete Algorithms
SODA '09 Proceedings of the twentieth Annual ACM-SIAM Symposium on Discrete Algorithms
Faster and Timing-Attack Resistant AES-GCM
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Efficient Cache Attacks on AES, and Countermeasures
Journal of Cryptology
A new paradigm for collision-free hashing: incrementality at reduced cost
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
The knapsack hash function proposed at Crypto'89 can be broken
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
Linearization attacks against syndrome based hashes
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Cryptanalysis of a hash function based on quasi-cyclic codes
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Faster 2-regular information-set decoding
IWCC'11 Proceedings of the Third international conference on Coding and cryptology
A family of fast syndrome based cryptographic hash functions
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
Faster 2-regular information-set decoding
IWCC'11 Proceedings of the Third international conference on Coding and cryptology
PQCrypto'11 Proceedings of the 4th international conference on Post-Quantum Cryptography
Improving the performance of the SYND stream cipher
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Hi-index | 0.00 |
The FSB (fast syndrome-based) hash function was submitted to the SHA-3 competition by Augot, Finiasz, Gaborit, Manuel, and Sendrier in 2008, after preliminary designs proposed in 2003, 2005, and 2007. Many FSB parameter choices were broken by Coron and Joux in 2004, Saarinen in 2007, and Fouque and Leurent in 2008, but the basic FSB idea appears to be secure, and the FSB submission remains unbroken. On the other hand, the FSB submission is also quite slow, and was not selected for the second round of the competition. This paper introduces RFSB, an enhancement to FSB. In particular, this paper introduces the RFSB-509 compression function, RFSB with a particular set of parameters. RFSB-509, like the FSB-256 compression function, is designed to be used inside a 256-bit collision-resistant hash function: all known attack strategies cost more than 2128 to find collisions in RFSB-509. However, RFSB-509 is an order of magnitude faster than FSB-256. On a single core of a Core 2 Quad CPU, RFSB-509 runs at 13.62 cycles/byte: faster than SHA-256, faster than 6 of the 14 secondround SHA-3 candidates, and faster than 2 of the 5 SHA-3 finalists.