Provably good codes for hash function design

Authors:
Charanjit S. Jutla;Anindya C. Patthak
Affiliations:
Thomas J. Watson Research Center, Yorktown Heights, NY;Intel, Hillsboro, OR
Venue:
IEEE Transactions on Information Theory
Year:
2009

Citing 14
Cited 0

Introduction to Coding Theory

Introduction to Coding Theory
Differential Collisions in SHA-0

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Provably good codes for hash function design

SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Quasicyclic codes of index l over Fq viewed as Fq[x]-submodules of Fql[x]/ċ xmċ1ċ

AAECC'03 Proceedings of the 15th international conference on Applied algebra, algebraic algorithms and error-correcting codes
Finding good differential patterns for attacks on SHA-1

WCC'05 Proceedings of the 2005 international conference on Coding and Cryptography
Analysis of step-reduced SHA-256

FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Update on SHA-1

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Efficient collision search attacks on SHA-0

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Exploiting coding theory for collision attacks on SHA-1

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
The intractability of computing the minimum distance of a code

IEEE Transactions on Information Theory
A new algorithm for finding minimum-weight words in a linear code: application to McEliece's cryptosystem and to narrow-sense BCH codes of length 511

IEEE Transactions on Information Theory
Hardness of approximating the minimum distance of a linear code

IEEE Transactions on Information Theory
On the algebraic structure of quasi-cyclic codes III: generator theory

IEEE Transactions on Information Theory

Quantified Score

Hi-index	754.84

Visualization

Abstract

A new technique to lower-bound the minimum distance of certain types of quasi-cyclic codes with large dimension by reducing the problem to lower-bounding the minimum distance of a few significantly smaller codes has been developed. These codes have the property that they have extremely efficient software encoders. Using this technique, it is proved that a code which is similar to the SHA-1 (Secure Hash Algorithm, to be explained shortly) message expansion code has minimum distance 82, and that too in just the last 64 of the 80 expanded words. In fact, the proposed code has much greater distance than that of SHA-1 code, which makes our proposed hashing scheme robust against cryptographic attacks. The technique is further used to find the minimum weight of the SHA-1 code itself (25 in last 60 words), which was an open problem. Estimating minimum distance of a code given by its parity-check matrix is well known to be a hard problem. Our technique is expected to be helpful in estimating minimum distance of similar codes as well as in designing future practical cryptographic hash functions.