Producing Collisions for PANAMA
Vincent Rijmen5 
, Bart Van Rompay5 , Bart Preneel5 and Joos Vandewalle5
| (5) |
ESAT-COSIC, Katholieke Universiteit Leuven, Kasteelpark Arenberg 10, B-3001 Leuven-Heverlee, Belgium |
Abstract
PANAMA is a cryptographic module that was presented at the FSE Workshop in ’98 by Joan Daemen and Craig Clapp. It can serve
both as a stream cipher and as a cryptographic hash function, with a hash result of 256 bits. PANAMA achieves high performance
(for large amounts of data) because of its inherent parallelism. We will analyse the security of PANAMA when used as a hash
function, and demonstrate an attack able to find collisions much faster than by birthday attack. The computational complexity
of our current attack is 282; the required amount of memory is negligible.
The work described in this paper has been supported in part by the Commission of the European Communities through the IST
Programme under Contract IST-1999-12324 and by the Concerted Research Action (GOA) Mefisto-666.
F.W.O. postdoctoral researcher, sponsored by the Fund for Scientific Research, Flanders — Belgium.
References secured to subscribers.