Limits on the Efficiency of One-Way Permutation-Based Hash Functions

نویسندگان

  • Jeong Han Kim
  • Daniel R. Simon
  • Prasad Tetali
چکیده

Naor and Yung show that a one-bit-compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by εn bits, at the cost of εn invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative to which there exists a oneway permutation with inversion probability 2 (for any p(n) ∈ ω(log n)), but any construction of an εn-bit-compressing UOWHF requires Ω( √ n/p(n)) invocations of the one-way permutation, on average. (For example, there exists in this relativized world a one-way permutation with inversion probability n, but no UOWHF that invokes it fewer than Ω( √ n/ log n) times.) Thus any proof that a more efficient UOWHF can be derived from a one-way permutation is necessarily non-relativizing; in particular, no provable construction of a more efficient UOWHF can exist based solely on a “black box” one-way permutation. This result can be viewed as a partial justification for the practice of building efficient UOWHFs from stronger primitives (such as collision-intractable hash functions), rather than from weaker primitives such as one-way permutations.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A NEW SECRET SHARING SCHEME ADVERSARY FUZZY STRUCTURE BASED ON AUTOMATA

In this paper,we introduce a new verifiable multi-use multi-secretsharing scheme based on automata and one-way hash function. The scheme has theadversary fuzzy structure and satisfy the following properties:1) The dealer can change the participants and the adversary fuzzy structure without refreshing any participants' real-shadow. 2) The scheme is based on the inversion of weakly invertible fin...

متن کامل

Limits on the E ciency of One-Way Permutation-Based Hash Functions

Naor and Yung show that a one-bit-compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by "n bits, at the cost of "n invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative to which t...

متن کامل

Limits on the E ciency of One - Way Permutation - Based HashFunctionsJeong

Naor and Yung ((NY89]) show that a one-bit-compressing universal one-way hash function (UOWHF) can be constructed based on a one-way permutation. This construction can be iterated to build a UOWHF which compresses by "n bits, at the cost of "n invocations of the one-way permutation. We show that this construction is not far from optimal, in the following sense: there exists an oracle relative t...

متن کامل

Sponge Based CCA2 Secure Asymmetric Encryption for Arbitrary Length Message

OAEP and other similar schemes proven secure in Random-Oracle Model require one or more hash functions with output size larger than those of standard hash functions. In this paper, we show that by utilizing popular Sponge constructions in OAEP framework, we can eliminate the need of such hash functions. We provide a new scheme in OAEP framework based on Sponge construction and call our scheme S...

متن کامل

Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions?

We prove the existence of an oracle relative to which there exist seveial well-known cryptographic primitives, including one-way permutations, but excluding (for a suitably strong definition) collision-intractible hash functions. Thus any proof that such functions can be derived from these weaker primitives is necessarily non-relativizing; in particular, no provable construction of a collision-...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1999