International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 29 December 2013

Wenling Wu, Shuang Wu, Lei Zhang, Jian Zou, Le Dong
ePrint Report ePrint Report
In this paper, we propose a new lightweight hash function

supporting three different digest sizes: 80, 96 and 128 bits,

providing preimage security from 64 to 120 bits, second preimage

and collision security from 40 to 60 bits. LHash requires about

817 GE and 1028 GE with a serialized implementation. In faster

implementations based on function $T$, LHash requires 989 GE and

1200 GE with 54 and 72 cycles per block, respectively.

Furthermore, its energy consumption evaluated by energy per bit is

also remarkable. LHash allows to make trade-offs among security,

speed, energy consumption and implementation costs by adjusting

parameters. The design of LHash employs a kind of Feistel-PG structure in

the internal permutation, and this structure can

utilize permutation layers on

nibbles to improve the diffusion speed. The adaptability of LHash

in different environments is good, since different versions of

LHash share the same basic computing module. The low-area

implementation comes from the hardware-friendly S-box and linear

diffusion layer. We evaluate the resistance of LHash against known

attacks and confirm that LHash provides a good security margin.

Expand

Additional news items may be found on the IACR news page.