Comments (4)
It currently provides a security level of 128 bits. Preimages and collision resistance depend on the output size. Like cSHAKE, with an output of L bits, a collision attack will require about 2^(L/2) work, and a preimage attack will require about 2^L work.
Sponge-based constructions, and the libhydrogen API, allow great flexibility. The internal permutation can easily be replaced, and the rate/capacity ratio can also be adjusted to increase strength at the expense of speed or the other way round.
libhydrogen currently has these parameters hardcoded, but a goal that's also a justification for opting for that design, is to make these configurable at compile-time.
from libhydrogen.
No, SHAKE and cSHAKE suffer from exactly the same weakness, by design, with 256 bits of capacity you only get 128 bits of security, meaning that an attack takes 2^128 work. Additional output does nothing.
from libhydrogen.
additional output does nothing
Strength increases with the output size, until the output size reaches 256 bits.
from libhydrogen.
additional output does nothing
Strength increases with the output size, until the output size reaches 256 bits.
Additional output after the first 256 bits does nothing.
The cutoff point is different for the different attack scenarios.
Collision strength increases with the output size until the output size reaches 256 bits, and the collision strength reaches 128 bits.
Second preimage strength increases with the output size until the output size reaches 128 bits, and the second preimage strength reaches 128 bits.
from libhydrogen.
Related Issues (20)
- API Thoughts HOT 1
- hydro_random_init() get called twice HOT 1
- Sealed boxes support! HOT 2
- Linking issue on Android HOT 5
- Init RNG seeding seemingly very predictable on Arduino Uno HOT 11
- Flipping bit in secret key doesn't change results? HOT 1
- Problems compiling with clang 13 on windows HOT 2
- Secret key encryption without authentication HOT 2
- GCC 11 warnings read/accessing out of regions HOT 4
- What does hydro_hash_hash return, and under what conditions? HOT 3
- How to send a message using KK_variant Key exchange? HOT 6
- Leaked public keys of KK_variant? HOT 3
- Do KK_variant's Three functions perform the signing and public key encryption?
- Libhydrogen API hydro_kx_kk_2 getting failed in AIX HOT 2
- Error C4146 in Windows HOT 2
- Add Noise X and IK patterns
- using secretbox where the full payload isnt available/cant fit in memory?
- Is there a way to do signcryption with this library? HOT 7
- Additional Data HOT 1
- Is the text in the footer of all the Wiki pages intentional or vandalism? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libhydrogen.