Panama (cryptography)

Designers Joan Daemen,
Craig Clapp
First published February 2002
Derived from StepRightUp
Successors MUGI
Cipher detail
Key sizes 256 bits
Best public cryptanalysis
Panama hash collisions can be generated in 26 time.

Panama is a cryptography primitive which can be used both as a hash function and a stream cipher. Based on StepRightUp, it was designed by Joan Daemen and Craig Clapp and presented in the paper Fast Hashing and Stream Encryption with PANAMA on the Fast Software Encryption (FSE) conference 1998. The cipher has influenced several other designs, for example MUGI.

The primitive can be used both as a hash function and a stream cipher. The stream cipher uses a 256-bit key and the performance of the cipher is very good reaching 2 cycles per byte.

As a hash function, collisions have been shown by Vincent Rijmen et al. in the paper Producing Collisions for PANAMA presented at FSE 2001. The attack shows a computational complexity of 282 and with negligible memory requirements.

At FSE 2007, Joan Daemen and Gilles Van Assche presented a practical attack on the Panama hash function that generates a collision in 26 evaluations of the state updating function.

Guido Bertoni, Joan Daemen, Michaël Peeters, and Gilles Van Assche proposed, at NIST's 2006 Second Cryptographic Hash Workshop, unveiled a Panama variant called RadioGatún. RadioGatún is strictly a hash function; it does not have the known weaknesses that Panama's hash function has.

External links

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • Outline of cryptography — See also: Index of cryptography articles The following outline is provided as an overview of and topical guide to cryptography: Cryptography (or cryptology) – practice and study of hiding information. Modern cryptography intersects the… …   Wikipedia

  • Topics in cryptography — This article is intended to be an analytic glossary , or alternatively, an organized collection of annotated pointers.Classical ciphers*Autokey cipher *Permutation cipher*Polyalphabetic substitution **Vigenère cipher*Polygraphic substitution… …   Wikipedia

  • Панама (значения) — Панама: Панама государство в Центральной Америке. Содержание 1 География 1.1 США 2 Искусство 3 …   Википедия

  • Stream cipher — The operation of the keystream generator in A5/1, a LFSR based stream cipher used to encrypt mobile phone conversations. In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher… …   Wikipedia

  • Kryptologische Hash-Funktion — Eine kryptologische Hashfunktion ist eine spezielle Hashfunktion mit weiteren Eigenschaften. Eine kryptologische Hashfunktion sollte zumindest eine Einwegfunktion sein. Eine Hashfunktion ist eine Funktion, die eine Zeichenfolge beliebiger Länge… …   Deutsch Wikipedia

  • Kryptologische Hashfunktion — Eine kryptologische Hashfunktion oder kryptographische Hashfunktion ist eine spezielle Form der Hashfunktion, welche zusätzlich kollisionsresistent oder eine Einwegfunktion (oder beides) ist. Eine Hashfunktion ist eine Funktion, die eine… …   Deutsch Wikipedia

  • Crypto++ — Developer(s) Wei Dai Initial release 1995 Stable release 5.6.1 / August 9, 2010; 14 months ago ( …   Wikipedia

  • Cryptographic hash function — A cryptographic hash function (specifically, SHA 1) at work. Note that even small changes in the source input (here in the word over ) drastically change the resulting output, by the so called avalanche effect. A cryptographic hash function is a… …   Wikipedia

  • Correlation attack — In cryptography, correlation attacks are a class of known plaintext attacks for breaking stream ciphers whose keystream is generated by combining the output of several linear feedback shift registers (called LFSRs for the rest of this article)… …   Wikipedia

  • Correlation immunity — In mathematics, the correlation immunity of a Boolean function is a measure of the degree to which its outputs are uncorrelated with some subset of its inputs. Specifically, a Boolean function is said to be correlation immune of order m if every… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”

We are using cookies for the best presentation of our site. Continuing to use this site, you agree with this.