Collision - Resistant Hashing from Ideal Lattices
نویسندگان
چکیده
منابع مشابه
Efficient Collision-Resistant Hashing from Worst-Case Assumptions on Cyclic Lattices
The generalized knapsack function is defined as fa(x) = P i ai · xi, where a = (a1, . . . , am) consists of m elements from some ring R, and x = (x1, . . . , xm) consists of m coefficients from a specified subset S ⊆ R. Micciancio (FOCS 2002) proposed a specific choice of the ring R and subset S for which inverting this function (for random a,x) is at least as hard as solving certain worst-case...
متن کاملGeneralized Compact Knapsacks Are Collision Resistant
The generalized knapsack problem is the following: given m random elements a1, . . . , am in a ring R, and a target t ∈ R, find z1, . . . , zm ∈ D such that P aizi = t, where D is some fixed subset of R. In (Micciancio, FOCS 2002) it was proved that for appropriate choices of R and D, solving the generalized compact knapsack problem on the average is as hard as solving certain worst-case proble...
متن کاملA Collision-Resistant Rate-1 Double-Block-Length Hash Function
This paper proposes a construction for collision resistant 2n-bit hash functions, based on n-bit block ciphers with 2n-bit keys. The construction is analysed in the ideal cipher model; for n = 128 an adversary would need roughly 2 units of time to find a collision. The construction employs “combinatorial” hashing as an underlying building block (like Universal Hashing for cryptographic message ...
متن کاملIdentifying Ideal Lattices
Micciancio defined a generalization of cyclic lattices, called ideal lattices. These lattices can be used in cryptosystems to decrease the number of parameters necessary to describe a lattice by a square root, making them more efficient. He proves that the computational intractability of classic lattice problems for these lattices gives rise to provably secure one-way and collision-resistant ha...
متن کاملDensity of Ideal Lattices
The security of many efficient cryptographic constructions, e.g. collision-resistant hash functions, digital signatures, identification schemes, and more recently public-key encryption has been proven assuming the hardness of worst-case computational problems in ideal lattices. These lattices correspond to ideals in the ring Z[ζ], where ζ is some fixed algebraic integer. Under the assumption th...
متن کامل