Constructing Secure Hash Functions by Enhancing Merkle-Damgård Construction
نویسندگان
چکیده
Recently multi-block collision attacks (MBCA) were found on the Merkle-Damg̊ard (MD)-structure based hash functions MD5, SHA-0 and SHA-1. In this paper, we introduce a new cryptographic construction called 3C devised by enhancing the MD construction. We show that the 3C construction is at least as secure as the MD construction against single-block and multi-block collision attacks. This is the first result of this kind showing a generic construction which is at least as resistant as MD against MBCA. To further improve the resistance of the design against MBCA, we propose the 3C+ design as an enhancement of 3C. Both these constructions are very simple adjustments to the MD construction and are immune to the straight forward extension attacks that apply to the MD hash function. We also show that 3C resists some known generic attacks that work on the MD construction. Finally, we compare the security and efficiency features of 3C with other MD based proposals.
منابع مشابه
Merkle-Damgård Revisited: How to Construct a Hash Function
The most common way of constructing a hash function (e.g., SHA-1) is to iterate a compression function on the input message. The compression function is usually designed from scratch or made out of a block-cipher. In this paper, we introduce a new security notion for hash-functions, stronger than collision-resistance. Under this notion, the arbitrary length hash function H must behave as a rand...
متن کاملEnhancing the Security Level of SHA-1 by Replacing the MD Paradigm
Cryptographic hash functions are important cryptographic techniques and are used widely in many cryptographic applications and protocols. All the MD4 design based hash functions such as MD5, SHA-0, SHA-1 and RIPEMD-160 are built on Merkle-Damgård iterative method. Recent differential and generic attacks against these popular hash functions have shown weaknesses of both specific hash functions a...
متن کاملHash Functions: From Merkle-Damgård to Shoup
In this paper we study two possible approaches to improving existing schemes for constructing hash functions that hash arbitrary long messages. First, we introduce a continuum of function classes that lie between universal one-way hash functions and collision-resistant functions. For some of these classes efficient (yielding short keys) composite schemes exist. Second, we prove that the schedul...
متن کاملVerified Security of Merkle-Damgård
Cryptographic hash functions provide a basic data authentication mechanism and are used pervasively as building blocks to realize many cryptographic functionalities, including block ciphers, message authentication codes, key exchange protocols, and encryption and digital signature schemes. Since weaknesses in hash functions may imply vulnerabilities in the constructions that build upon them, en...
متن کاملOn the Strength of the Concatenated Hash Combiner When All the Hash Functions Are Weak
At Crypto 2004 Joux showed a novel attack against the concatenated hash combiner instantiated with Merkle-Damgård iterated hash functions. His method of producing multicollisions in the Merkle-Damgård design was the rst in a recent line of generic attacks against the Merkle-Damgård construction. In the same paper, Joux raised an open question concerning the strength of the concatenated hash com...
متن کامل