A new Design Criteria for Hash-Functions
نویسندگان
چکیده
The most common way of constructing a hash function (e.g., SHA-1) is to iterate a compression function on the input message. The compression function is usually designed from scratch or made out of a block-cipher. In this paper, we introduce a new security notion for hash-functions, stronger than collision-resistance. Under this notion, the arbitrary length hash function H must behave as a random oracle when the fixed-length building block is viewed as an ideal primitive. This enables to eliminate all possible generic attacks against iterative hash-functions. In this paper, we show that the current design principle behind hash functions such as SHA-1 and MD5 — the (strengthened) Merkle-Damg̊ard transformation — does not satisfy this security notion. We provide several constructions that provably satisfy this notion; those new constructions introduce minimal changes to the plain Merkle-Damg̊ard construction and are easily implementable in practice. This paper is a modified version of a paper that appeared in Crypto 2005.
منابع مشابه
Analysis and Design of Cryptographic Hash Functions
The subject of this thesis is the study of cryptographic hash functions. The importance of hash functions for protecting the authenticity of information is demonstrated. Applications include integrity protection, conventional message authentication and digital signatures. Theoretical results on cryptographic hash functions are reviewed. The information theoretic approach to authentication is de...
متن کاملRC 4 - Hash : A New Hash Function based on RC 4 ( Extended Abstract )
In this paper, we propose a new hash function based on RC4 and we call it RC4-Hash. This proposed hash function produces variable length hash output from 16 bytes to 64 bytes. Our RC4-Hash has several advantages over many popularly known hash functions. Its efficiency is comparable with widely used known hash function (e.g., SHA-1). Seen in the light of recent attacks on MD4, MD5, SHA-0, SHA-1 ...
متن کاملNew Design Criteria for Hash Functions and Block Ciphers
Cryptographic primitives, such as hash functions and block ciphers, are integral components in several practical cryptographic schemes. In order to prove security of these schemes, a variety of security assumptions are made on the underlying hash function or block cipher, such as collision-resistance, pseudorandomness etc. In fact, such assumptions are often made without much regard for the act...
متن کاملSecurity considerations for incremental hash functions based on pair block chaining
Incremental hash functions have gained much attention due to their incremental property, i.e. hashes of updated messages can be speedily computed from previous hashes without having to re-hash the message as was the case in conventional hash functions. In this paper, we first show how collisions can be obtained in such incremental hash functions that are based on pair block chaining, highlighti...
متن کاملA NEW SECRET SHARING SCHEME ADVERSARY FUZZY STRUCTURE BASED ON AUTOMATA
In this paper,we introduce a new verifiable multi-use multi-secretsharing scheme based on automata and one-way hash function. The scheme has theadversary fuzzy structure and satisfy the following properties:1) The dealer can change the participants and the adversary fuzzy structure without refreshing any participants' real-shadow. 2) The scheme is based on the inversion of weakly invertible fin...
متن کامل