spongent: A Lightweight Hash Function. This paper proposes spongent – a family of lightweight hash functions with hash sizes of 88 (for preimage resistance only), 128, 160, 224, and 256 bits based on a sponge construction instantiated with a present-type permutation, following the hermetic sponge strategy. Its smallest implementations in ASIC require 738, 1060, 1329, 1728, and 1950 GE, respectively. To our best knowledge, at all security levels attained, it is the hash function with the smallest footprint in hardware published so far, the parameter being highly technology dependent. spongent offers a lot of flexibility in terms of serialization degree and speed. We explore some of its numerous implementation trade-offs. We furthermore present a security analysis of spongent. Basing the design on a present-type primitive provides confidence in its security with respect to the most important attacks. Several dedicated attack approaches are also investigated.
Keywords for this software
References in zbMATH (referenced in 6 articles )
Showing results 1 to 6 of 6.
- Benadjila, Ryad; Guo, Jian; Lomné, Victor; Peyrin, Thomas: Implementing lightweight block ciphers on x86 architectures (2014)
- Bulygin, Stanislav; Walter, Michael; Buchmann, Johannes: Full analysis of PRINTcipher with respect to invariant subspace attack: efficient key recovery and countermeasures (2014)
- Gong, Zheng; Hartel, Pieter; Nikova, Svetla; Tang, Shao-Hua; Zhu, Bo: TuLP: a family of lightweight message authentication codes for body sensor networks (2014)
- Aumasson, Jean-Philippe; Henzen, Luca; Meier, Willi; Naya-Plasencia, María: Quark: a lightweight hash (2013)
- Walter, Michael; Bulygin, Stanislav; Buchmann, Johannes: Optimizing guessing strategies for algebraic cryptanalysis with applications to EPCBC (2013)
- Chang, Donghoon: Sufficient conditions on padding schemes of sponge construction and sponge-based authenticated-encryption scheme (2012)