Can anyone explain the advantages, disadvantages and reasons behind the choice of each algorithm?
Interesting question, I only knew the hashing function "luffa" and googling I found out that:
6 Conclusion
We developed a number of new di�erential techniques for the analysis of Lu�a.
Our results do not threaten the security of Lu�ffa as they are on building blocks
and not on the full hash function. Even though they do not contradict the
designers' claims, our results improve upon previous work in several ways. When
considering collision attacks on the hash function with limited access to internal
variables, also less degrees of freedom are available for an attacker. Still, we
argue that the new techniques in this paper will be very useful to analyze Lu�a
further in this setting. Also, the improvements to the rebound attack are likely
to be useful in the attacks on non-AES-based designs.
from:
http://naya.plasencia.free.fr/Maria/papers/luffa.pdfI think that the developer will be able to answer for others...