Jump to content

Panama (cryptography)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Samboy (talk | contribs) at 17:50, 29 January 2019 (This time, one didn’t even need to perform a 10-second Google search to find a reference that Panama is the grandparent of SHA-3. There was '''already a reference''' to support this claim '''in this article'''). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Panama (cipher)
General
DesignersJoan Daemen,
Craig Clapp
First publishedDecember 1998[1]
Derived fromStepRightUp
SuccessorsMUGI, RadioGatún, SHA-3
Cipher detail
Key sizes256 bits

Panama is a cryptographic primitive which can be used both as a hash function and a stream cipher, but its hash function mode of operation has been broken and is not suitable for cryptographic use. Based on StepRightUp, it was designed by Joan Daemen and Craig Clapp and presented in the paper Fast Hashing and Stream Encryption with PANAMA on the Fast Software Encryption (FSE) conference 1998. The cipher has influenced several other designs, for example MUGI and SHA-3.[2][3]

The primitive can be used both as a hash function and a stream cipher. The stream cipher uses a 256-bit key and the performance of the cipher is very good reaching 2 cycles per byte.

Hash function

Panama (hash)
Cipher detail
Digest sizes256 bits
Security claims2128 (collision resistance)
Block sizes256 bits
State size8736 bits
Best public cryptanalysis
Panama hash collisions can be generated in 26 time.[4]

As a hash function, collisions have been shown by Vincent Rijmen et al. in the paper Producing Collisions for PANAMA presented at FSE 2001. The attack shows a computational complexity of 282 and with negligible memory requirements.[5]

At FSE 2007, Joan Daemen and Gilles Van Assche presented a practical attack on the Panama hash function that generates a collision in 26 evaluations of the state updating function.[4]

Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche, at NIST's 2006 Second Cryptographic Hash Workshop, unveiled a Panama variant called RadioGatún. The hash function workings of RadioGatún does not have the known weaknesses that Panama's hash function has. In turn, RadioGatún inspired the new cryptographic standard SHA-3.[2]

See also

References

  1. ^ http://www.drdobbs.com/security/the-panama-cryptographic-function/184410745
  2. ^ a b http://csrc.nist.gov/groups/ST/hash/sha-3/documents/Keccak-slides-at-NIST.pdf On slide 5, it states the "starting point: fixing Panama"
  3. ^ Bertoni, Guido; Daemen, Joan; Peeters, Michaël; Van Assche, Gilles. "The Road from Panama to Keccak via RadioGatún". Retrieved 2009-10-20.
  4. ^ a b "Producing Collisions for Panama, Instantaneously". 2007-04-04. {{cite journal}}: Cite journal requires |journal= (help); Unknown parameter |authors= ignored (help); Unknown parameter |conference= ignored (help)
  5. ^ "Producing Collisions for PANAMA". 2001. {{cite journal}}: Cite journal requires |journal= (help); Unknown parameter |authors= ignored (help); Unknown parameter |conference= ignored (help)