A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
RIPEMD-160: A Strengthened Version of RIPEMD
Proceedings of the Third International Workshop on Fast Software Encryption
Proceedings of the Third International Workshop on Fast Software Encryption
Rebound Distinguishers: Results on the Full Whirlpool Compression Function
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the indifferentiability of the sponge construction
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Security reductions of the second round SHA-3 candidates
ISC'10 Proceedings of the 13th international conference on Information security
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hi-index | 0.00 |
Cryptographic hash functions map input strings of arbitrary length to fixed length output strings. They are expected to satisfy several security properties that include preimage resistance, second preimage resistance, and collision resistance. The free availability of efficient software-oriented hash functions such as MD4, MD5 and SHA-1 has resulted in a very broad deployment of hash functions, way beyond their initial design purposes. In spite of the importance for applications, until 2005 the amount of theoretical research and cryptanalysis invested in this topic was rather limited. Moreover, cryptanalysts had been winning the battle from designers: about 4 of every 5 designs were broken. In 2004 Wang et al. made a breakthrough in the cryptanalysis of MD4, MD5 and SHA-1. Around the same time, serious shortcomings were identified in the theoretical foundations of existing designs. In response to this hash function crisis, in the last five years a substantial number of papers has been published with theoretical results and novel designs. Moreover, NIST announced in November 2007 the start of the SHA-3 competition, with as goal to select a new hash function family by 2012. We present a brief outline of the state of the art of hash functions in the last year of the competition and attempt to identify the lessons learned and some open research problems.