[Cryptography] Cryptanalyzing a whole-message cipher and a double-tree hash function

[Pierre Abbat]

I've invented a cipher and a hash function and am trying to cryptanalyze them. 
So far I've done a related-key attack with a 96-byte key (and shorter ones) 
and an 8-byte message and integral cryptanalysis with an 8-byte message. So 
far it's passed, though I've run the program less than an hour, and I should 
run it for longer. How should I make sure the cipher resists attacks when used 
to encipher a 729-byte, 524288-byte, 531441-byte, or longer message?

As to the hash function, I haven't found a sufficiently detailed explanation of 
how to attack hash functions. The hash function should resist the related-key 
attack equally well, since the cipher and hash use the same keying algorithm. 
I tried to find collisions of the compression function given two 32-byte 
blocks, where the compression function, both with sboxalt=0 and with 
sboxalt=1, give the same output when one byte of the input is changed. I found 
none. What are some other ways to attack hash functions?

https://github.com/phma/wring-twistree is the reference implementation, in 
both Rust and Haskell. https://github.com/phma/WringTwistree.jl is a Julia 
implementation, which passes all the test vectors, but allocates too much RAM 
when hashing a large vector, which I have to look into.

Pierre
-- 
.i toljundi do .ibabo mi'afra tu'a do
.ibabo damba do .ibabo do jinga
.icu'u la ma'atman.