On families of hash functions via geometric codes and concatenation
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Universal hashing and authentication codes
Designs, Codes and Cryptography
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
On Fast and Provably Secure Message Authentication Based on Universal Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
MMH: Software Message Authentication in the Gbit/Second Rates
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
A general mixing strategy for the ECB-Mix-ECB mode of operation
Information Processing Letters
The Poly1305-AES message-authentication code
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
The universality of iterated hashing over variable-length strings
Discrete Applied Mathematics
Double ciphertext mode: a proposal for secure backup
International Journal of Applied Cryptography
Double ciphertext mode: a proposal for secure backup
International Journal of Applied Cryptography
Cycling attacks on GCM, GHASH and other polynomial MACs and hashes
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Hi-index | 0.00 |
Let $${\mathbb{F}}$$ be a finite field and suppose that a single element of $${\mathbb{F}}$$ is used as an authenticator (or tag). Further, suppose that any message consists of at most L elements of $${\mathbb{F}}$$ . For this setting, usual polynomial based universal hashing achieves a collision bound of $${(L-1)/|\mathbb{F}|}$$ using a single element of $${\mathbb{F}}$$ as the key. The well-known multi-linear hashing achieves a collision bound of $${1/|\mathbb{F}|}$$ using L elements of $${\mathbb{F}}$$ as the key. In this work, we present a new universal hash function which achieves a collision bound of $${m\lceil\log_m L\rceil/|\mathbb{F}|, m\geq 2}$$ , using $${1+\lceil\log_m L\rceil}$$ elements of $${\mathbb{F}}$$ as the key. This provides a new trade-off between key size and collision probability for universal hash functions.