Optimum RAte spoNGE or ORANGE in abbreviation, is an authenticated encryption and sponge hash scheme based on any permutation, that employs sponge based encryption and hash which can absorb data in the optimum rate. The ORANGE based AE and Hash functions are named as ORANGE-Zest and ORANGISH respectively .


The mode for ORANGE-Zest is a close variant of sponge with full state absorption. The full state absorption is possible as we hold another state of size 128-bits, a part of the output of previous execution of the underlying permutation. We use this dynamic secret state to mask a part of the ciphertext. For further details see ORANGE-Zest.


The mode of hash function ORANGISH is very close to the JH hash function which is one of the finalists of SHA3-competition. JH mode allows us to absorb 128 bit data for each permutation call. Thus, it has higher throughput compared with classical sponge hash function .For further details see ORANGISH.


  1. Guido Bertoni, Joan Daemen, Micha¨el Peeters, and Gilles Van Assche. Sponge functions. In ECRYPT hash workshop, volume 2007. Citeseer, 2007.
  2. Guido Bertoni, Joan Daemen, Michael Peeters, and Gilles Van Assche. On the indifferentiability of the sponge construction. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 181–197. Springer, 2008.
  3. Avik Chakraborti, Nilanjan Datta, Mridul Nandi, and Kan Yasuda. Beetle family of lightweight and secure authenticated encryption ciphers. IACR Cryptology ePrint Archive, 2018:805, 2018
  4. Tingting Cui, Ling Sun, Huaifeng Chen, and Meiqin Wang. Statistical integral distinguisher with multi-structure and its application on AES. In Information Security and Privacy - 22nd Australasian Conference, ACISP 2017, Auckland, New Zealand, July 3-5, 2017, Proceedings, Part I, pages 402–420, 2017.
  5. Jian Guo, Thomas Peyrin, and Axel Poschmann. The PHOTON family of lightweight hash functions. In Phillip Rogaway, editor, Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2011. Proceedings, volume 6841 of Lecture Notes in Computer Science, pages 222–239. Springer, 2011.
  6. J´er´emy Jean, Mar´ıa Naya-Plasencia, and Thomas Peyrin. Improved rebound attack on the finalist grøstl. In Anne Canteaut, editor, Fast Software Encryption - 19th International Workshop, FSE 2012, Washington, DC, USA, March 19-21, 2012. Revised Selected Papers, volume 7549 of LNCS, pages 110– 126. Springer, 2012.
  7. J´er´emy Jean, Mar´ıa Naya-Plasencia, and Thomas Peyrin. Multiple limited-birthday distinguishers and applications. In Selected Areas in Cryptography - SAC 2013 - 20th International Conference, Burnaby, BC, Canada, August 14-16, 2013, Revised Selected Papers, pages 533–550, 2013.
  8. Yusuke Naito and Kazuo Ohta. Improved indifferentiable security analysis of PHOTON. In Security and Cryptography for Networks - 9th International Conference, SCN 2014, Amalfi, Italy, September 3-5, 2014. Proceedings, pages 340–357, 2014.
  9. Qingju Wang, Lorenzo Grassi, and Christian Rechberger. Zero-sum partitions of PHOTON permutations. In Topics in Cryptology - CT-RSA 2018 - The Cryptographers’ Track at the RSA Conference 2018, San Francisco, CA, USA, April 16-20, 2018, Proceedings, pages 279–299, 2018.
  10. Hongjun Wu. The hash function jh. Submission to NIST (round 3), 6, 2011.