How to construct random functions
Journal of the ACM (JACM)
Generating hard instances of lattice problems (extended abstract)
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
A Generalized Birthday Problem
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
FFT-Hash-II is not yet Collision-free
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Collisions for Schnorr's Hash Function FFT-Hash Presented at Crypto '91
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Fast Software Encryption, Cambridge Security Workshop
Noise-tolerant learning, the parity problem, and the statistical query model
Journal of the ACM (JACM)
An Improved Worst-Case to Average-Case Connection for Lattice Problems
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Almost Perfect Lattices, the Covering Radius Problem, and Applications to Ajtai's Connection Factor
SIAM Journal on Computing
Lattices that admit logarithmic worst-case to average-case connection factors
Proceedings of the thirty-ninth annual ACM symposium on Theory of computing
Worst-Case to Average-Case Reductions Based on Gaussian Measures
SIAM Journal on Computing
Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions
Computational Complexity
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory
APPROX'05/RANDOM'05 Proceedings of the 8th international workshop on Approximation, Randomization and Combinatorial Optimization Problems, and Proceedings of the 9th international conference on Randamization and Computation: algorithms and techniques
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Collisions of SHA-0 and reduced SHA-1
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Hash Functions from Sigma Protocols and Improvements to VSH
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Concurrently Secure Identification Schemes Based on the Worst-Case Hardness of Lattice Problems
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Rigorous and Efficient Short Lattice Vectors Enumeration
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Modular Design for Hash Functions: Towards Making the Mix-Compress-Mix Approach Practical
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Fiat-Shamir with Aborts: Applications to Lattice and Factoring-Based Signatures
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
A lattice-based threshold ring signature scheme
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Generic constructions for verifiably encrypted signatures without random oracles or NIZKs
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Improved zero-knowledge identification with lattices
ProvSec'10 Proceedings of the 4th international conference on Provable security
Interpreting hash function security proofs
ProvSec'10 Proceedings of the 4th international conference on Provable security
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Improving BDD cryptosystems in general lattices
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
The geometry of lattice cryptography
Foundations of security analysis and design VI
Faster and smoother: VSH revisited
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Fully homomorphic encryption from ring-LWE and security for key dependent messages
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Can homomorphic encryption be practical?
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
New generic algorithms for hard knapsacks
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Parallel shortest lattice vector enumeration on graphics cards
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Cryptography from learning parity with noise
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Trapdoors for lattices: simpler, tighter, faster, smaller
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Pseudorandom functions and lattices
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Full lattice basis reduction on graphics cards
WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology
Selective document retrieval from encrypted database
ISC'12 Proceedings of the 15th international conference on Information Security
Towards efficient arithmetic for lattice-based cryptography on reconfigurable hardware
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
Practical lattice-based cryptography: a signature scheme for embedded systems
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A ciphertext policy attribute-based encryption scheme without pairings
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
| Hi-index | 0.00 |
We propose SWIFFT, a collection of compression functions that are highly parallelizable and admit very efficient implementations on modern microprocessors. The main technique underlying our functions is a novel use of the Fast Fourier Transform(FFT) to achieve "diffusion," together with a linear combination to achieve compression and "confusion." We provide a detailed security analysis of concrete instantiations, and give a high-performance software implementation that exploits the inherent parallelism of the FFT algorithm. The throughput of our implementation is competitive with that of SHA-256, with additional parallelism yet to be exploited.Our functions are set apart from prior proposals (having comparable efficiency) by a supporting asymptotic security proof: it can be formally proved that finding a collision in a randomly-chosen function from the family (with noticeable probability) is at least as hard as finding short vectors in cyclic/ideal lattices in the worst case.