Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Universal one-way hash functions and their cryptographic applications
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
A fast software one-way hash function
Journal of Cryptology
Differential cryptanalysis of hash functions based on block ciphers
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Parallel collision search with application to hash functions and discrete logarithms
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
On the security of multiple encryption
Communications of the ACM
Integrity Primitives for Secure Information Systems: Final Ripe Report of Race Integrity Primitives Evaluation
Handbook of Applied Cryptography
Handbook of Applied Cryptography
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Fast and Secure Hashing Based on Codes
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
RIPEMD-160: A Strengthened Version of RIPEMD
Proceedings of the Third International Workshop on Fast Software Encryption
Proceedings of the Third International Workshop on Fast Software Encryption
TIGER: A Fast New Hash Function
Proceedings of the Third International Workshop on Fast Software Encryption
The First Two Rounds of MD4 are Not One-Way
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Highly Parallel Cryptographic Attacks
Proceedings of the 4th European PVM/MPI Users' Group Meeting on Recent Advances in Parallel Virtual Machine and Message Passing Interface
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Collision free hash functions and public key signature schemes
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
Cryptographic Primitives for Information Authentication - State of the Art
State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures
Looking Back at a New Hash Function
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
ERINDALE: A Polynomial Based Hashing Algorithm
IWCC '09 Proceedings of the 2nd International Workshop on Coding and Cryptology
| Hi-index | 0.00 |
We present new, efficient and practical schemes for construction of collision-resistant hash functions, and analyze some simple methods for combining existing hash-function designs so as to enhance their security. In our new constructions, we first map the input to a slightly longer string using a primitive we introduce called secure stretch functions. These are length-increasing almost surely injective one-way functions that sufficiently randomize their inputs so that it is hard for an adversary to force the outputs to fall into a target set. Then we apply a compression function to the output of the stretch function. We analyze the security of these constructions under different types of assumptions on both stretch and compression functions. These assumptions combine random-function models, intractability of certain "biasing" tasks, and the degeneracy structure of compression functions. The use of stretching seems to allow reduced requirements on the compression function, and may be of independent interest. These constructions allow one to use popular and efficient primitives such as MD5, SHA-1, and RIPEMD that may exhibit weaknesses as collision-resistant functions. But no attacks are currently known on their one-way and randomizing properties, when they are used as stretch functions as in our constructions. There are several collision-resistant hash functions based on des for which there are no known effective attacks, but which are too slow for most practical applications. Our use of stretch functions enable us to base our compression function on des so that the resulting hash function achieves practical speeds: a test implementation runs at 40% of the speed of MD5. We also suggest some imperfect random-oracle models, showing how to build better primitives from given imperfect ones. In this vein, we also analyze how to defend against a collision-finding adversary for a given primitive by building "independent" primitives.