JH (hash function)
General | |
---|---|
Designers | Hongjun Wu |
Certification | SHA-3 finalist |
Detail | |
Digest sizes | 224, 256, 384, 512 |
Structure | Sponge-like[1] |
Speed | 16.1 cpb on Core 2 in 64-bit mode using SSE2; 37.3 cpb using ANSI C. |
Best public cryptanalysis | |
Preimage resistance reduced to 2507.[1] |
JH is a cryptographic hash function submitted to the NIST hash function competition by Hongjun Wu. Though chosen as one of the five finalists of the competition, in 2012 JH ultimately lost to NIST hash candidate Keccak.[2] JH has a 1024-bit state, and works on 512-bit input blocks. Processing an input block consists of three steps:
- XOR the input block into the left half of the state.
- Apply a 42-round unkeyed permutation (encryption function) to the state. This consists of 42 repetitions of:
- Break the input into 256 4-bit blocks, and map each through one of two 4-bit S-boxes, the choice being made by a 256-bit round-dependent key schedule. Equivalently, combine each input block with a key bit, and map the result through a 5→4 bit S-box.
- Mix adjacent 4-bit blocks using a maximum distance separable code over GF(24).
- Permute 4-bit blocks so that they will be adjacent to different blocks in following rounds.
- XOR the input block into the right half of the state.
The resulting digest is the last 224, 256, 384 or 512 bits from the 1024-bit final value. It is well suited to a bit slicing implementation using the SSE2 instruction set, giving speeds of 16.8 cycles per byte.
Examples of JH hashes
[edit]Hash values of empty string.
JH-224("") 0x 2c99df889b019309051c60fecc2bd285a774940e43175b76b2626630 JH-256("") 0x 46e64619c18bb0a92a5e87185a47eef83ca747b8fcc8e1412921357e326df434 JH-384("") 0x 2fe5f71b1b3290d3c017fb3c1a4d02a5cbeb03a0476481e25082434a881994b0ff99e078d2c16b105ad069b569315328 JH-512("") 0x 90ecf2f76f9d2c8017d979ad5ab96b87d58fc8fc4b83060f3f900774faa2c8fabe69c5f4ff1ec2b61d6b316941cedee117fb04b1f4c5bc1b919ae841c50eec4f
Even a small change in the message will (with overwhelming probability) result in a mostly different hash, due to the avalanche effect. For example, adding a period to the end of the sentence:
JH-256("The quick brown fox jumps over the lazy dog") 0x 6a049fed5fc6874acfdc4a08b568a4f8cbac27de933496f031015b38961608a0 JH-256("The quick brown fox jumps over the lazy dog.") 0x d001ae2315421c5d3272bac4f4aa524bddd207530d5d26bbf51794f0da18fafc
References
[edit]- ^ a b Bhattacharyya, Rishiraj; Mandal, Avradip; Nandi, Mridul (2010). "Security Analysis of the Mode of JH Hash Function". Fast Software Encryption. Vol. 6147. Berlin, Heidelberg: Springer Berlin Heidelberg. p. 168–191. doi:10.1007/978-3-642-13858-4_10. ISBN 978-3-642-13857-7.
- ^ "NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition" (Press release). NIST. 2012-10-02. Retrieved 2012-10-02.
External links
[edit]- The JH web site Archived 2011-12-04 at the Wayback Machine
- JH page on the SHA-3 Zoo
- VHDL source code developed by the Cryptographic Engineering Research Group (CERG) at George Mason University