Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Construction of a Cioher From a Single Pseudorandom Permutation
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
On the Power of Memory in the Design of Collision Resistant Hash Functions
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A failure-friendly design principle for hash functions
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Towards optimal double-length hash functions
INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
On the impossibility of highly-efficient blockcipher-based hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Building a Collision-Resistant Compression Function from Non-compressing Primitives
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Beyond Uniformity: Better Security/Efficiency Tradeoffs for Compression Functions
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Constructing Cryptographic Hash Functions from Fixed-Key Blockciphers
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Salvaging Merkle-Damgård for Practical Applications
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Security of Cyclic Double Block Length Hash Functions
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
A new mode of operation for block ciphers and length-preserving MACs
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
How (not) to efficiently dither blockcipher-based hash functions?
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Preimage resistance of LPm kr with r=m-1
Information Processing Letters
On hashing with tweakable ciphers
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Attacking the Knudsen-Preneel compression functions
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Security reductions of the second round SHA-3 candidates
ISC'10 Proceedings of the 13th international conference on Information security
MJH: a faster alternative to MDC-2
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Efficient hashing using the AES instruction set
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Stam’s collision resistance conjecture
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Energy-Efficient cryptographic engineering paradigm
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Collisions are not incidental: a compression function exploiting discrete geometry
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Efficient and optimally secure key-length extension for block ciphers via randomized cascading
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Security analysis and comparison of the SHA-3 finalists BLAKE, grøstl, JH, keccak, and skein
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Weimar-DM: a highly secure double-length compression function
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Provable security of the knudsen-preneel compression functions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Optimal collision security in double block length hashing with single length key
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Security of permutation-based compression function lp231
Information Processing Letters
| Hi-index | 0.00 |
We provide attacks and analysis that capture a tradeoff, in the ideal-permutation model, between the speed of a permutation-based hash function and its potential security. We show that any 2n-bit to n-bit compression function will have unacceptable collision resistance it makes fewer than three n-bit permutation invocations, and any 3n-bit to 2n-bit compression function will have unacceptable security if it makes fewer than five n-bit permutation invocations. Any rate-a hash function built from n-bit permutations can be broken, in the sense of finding preimages as well as collisions, in about N1-α queries, where N = 2n. Our results provide guidance when trying to design or analyze a permutation-based hash function about the limits of what can possibly be done.