SMASH is a cryptographic hash function which was created by Lars R. Knudsen. SMASH comes in two versions: 256-bit and 512-bit. Each version was supposed to rival SHA-256 and SHA-512, respectively, however, shortly after the SMASH presentation at FSE 2005, an attack vector against SMASH was discovered which left the hash broken.
The message length was limited to less than 2128 for SMASH-256 and 2256 for SMASH-512.
Input: 256/512-bit message blocks and
The function f is a complex compression function consisting of H-Rounds and L-Rounds using S-boxes, linear diffusion and variable rotations, details can be found here 
The S-boxes in SMASH are derived versions from the Serpent ones.
- ^ Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). "Breaking a New Hash Function Design Strategy Called SMASH". Lecture Notes in Computer Science 3897: 233–244. doi:10.1007/11693383_16.
- ^ Lamberger, Mario; Pramstaller, Norbert; Rechberger, Christian; Rijmen, Vincent (2006). "Second Preimages for SMASH". Lecture Notes in Computer Science 4377: 101–111. doi:10.1007/11967668_7.
- ^ a b Knudsen, Lars R.: SMASH - A Cryptographic Hash Function, Accessed 23 November 2009