Skip to main content

Hitachi
Research & Development

News

24 July 2009
NIST announced the secound round candidates and Lesamnta was not selected. We appreciate all contributions (Security evaluations, implementations, ...) to Lesamnta. This page is archived for the academic research.
18 July. 2009
A minor change to the specification of Lesamnta is proposed.
24 June. 2009
A security analysis of Lesamnta is reported.
29 May. 2009
  • The estimated performance figures of Lesamnta on the next generation Intel processers with AES instructions are available.
19 Jan. 2009
  • The specification is updated.
19 Jan. 2009
  • The Lesamnta website is open.

What is Lesamnta?

Lesamnta is a new family of hash functions submitted to NIST for their cryptographic hash algorithm competition. Lesamnta consists of four algorithms: Lesamnta-224/256/384/512. For each algorithm, the Merkle-Damgaard domain extension with an output function is adopted, and both of the compression function and the output function are in the Matyas-Meyer-Oseas (MMO) mode with distinct block ciphers. Owing to the conservative design strategy, the security of Lesamnta is fairly reduced to the underlying block ciphers. We confirmed that Lesamnta is secure against various kinds of known attacks. Lesamnta is also well-designed in implementation; since inner functions of Lesamnta are similar to AES, software/hardware implementation techniques of AES will be applicable to the implementation of Lesamnta

Supplemental Information

The list of the newer coming security reports on security analysis, software and hardware implementations will be provided here.

Security Analysis

  • C. Bouillaguet, O. Dunkelman, G. Leurent, and P.-A. Fouque, ``Another Look at Complementation Properties,'' In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 347-364. Springer, 2010.
  • C. Bouillaguet, O. Dunkelman, G. Leurent, and P.-A. Fouque, `` Attacks on Hash Functions Based on Generalized Feistel: Application to Reduced-Round Lesamnta and SHAvite-3512 Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 18-35. Springer, 2011.

Software Implementations

32-bit / 64-bit CPU

The estimated performance figures of Lesamnta on the next generation Intel processers with AES instructions are given below.


Table 1: Performance of Lesamnta with AES instructions on 32/64-bit Intel CPUs

Intel AES instructions set (cycles/byte)
32-bit mode 64-bit mode
Lesamnta-256 24.5 23.0
Lesamnta-512 14.9 12.8

8-bit CPU


  • "A Comparative Study on RAM Requirements of Various SHA-3 Candidates on Low-cost 8-bit CPUs", Kota Ideguchi, Toru Owada, Hirotaka Yoshida. (29 May 2009) [download(PDF)]

Hardware Implementations

None.

Trademarks

  • Intel is a registered trademark and Core is the name of products of Intel Corporation in the U.S. and other countries.