Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Rebound Distinguishers: Results on the Full Whirlpool Compression Function
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Collisions for 70-step SHA-1: on the full cost of collision search
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
On the indifferentiability of the sponge construction
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Higher-order differential properties of KECCAK and Luffa
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
On security arguments of the second round SHA-3 candidates
International Journal of Information Security
The parazoa family: generalizing the sponge hash functions
International Journal of Information Security
Hi-index | 0.00 |
Cryptographic hash functions play a central role in cryptography: they map arbitrarily large input strings to fixed length output strings. The main applications are to create a short unique identifier to a string, to transform a string with a one-way mapping, and to commit to a string or to confirm its knowledge without revealing it. Additional applications are the mapping of group or field elements to strings, key derivation and the extraction of entropy. The main security requirements are preimage and second preimage resistance, collision resistance and indifferentiability from a random oracle. During the last three decades, more than 200 hash functions designs have been published; many of those have been cryptanalyzed, including widely used schemes such as MD5 and SHA-1. Moreover, there was a lack of theoretical understanding of their constructions; as a consequence, structural flaws were identified in widely used designs. These concerns also undermined to some extent the confidence in the SHA-2 hash functions, that have been designed for long term security. As a consequence, the US National Institute for Standards and Technology has organized an open competition. The competition started in November 2007; after five years of intense design, analysis and debate the Keccak function was announced as the winner in October 2012. The new FIPS standard is expected to be published in 2014. This extended abstract will identify some lessons learned during this competition.