We provide a symbolic model for protocols using public-key encryption and hash function, and prove that this model is computationally sound: if there is an attack in the computational world, then there is an attack in the symbolic (abstract) model. Our original contribution is that we deal with the security properties, such as anonymity, which cannot be described using a single execution trace,...

In this paper,we proposed a efficient and laconic mode for iterative hash functions and tried to fix the flaws of the Merkle-Damgaard construction completely and certainly tried to prevent varieties of those generic attacks ,such as Multicollisions Attack,Second Preimage Attack and Herding Attack.The structure of this new mode is different from HAIFA or any other proposal,it contains a new meth...

In this paper,we proposed a efficient and laconic mode for iterative hash functions and tried to fix the flaws of the Merkle-Damgaard construction completely and certainly tried to prevent varieties of those generic attacks ,such as Multicollisions Attack,Second Preimage Attack and Herding Attack.The structure of this new mode is different from HAIFA or any other proposal,it contains a new meth...

We propose an efficient identity-based signature (IBS) scheme. The security of our scheme is proved in the random oracle model. Core technical components of our constructions are built on an arborist extends its control for a lattice to an arbitrary higher-dimensional extension. We use lattice's growth and lattice basis randomization securely to generate the user's secret key, and use trapdoor ...

In this paper, we analyze the hash functions Dynamic SHA and Dynamic SHA2, which have been selected as first round candidates in the NIST hash function competition. These hash functions rely heavily on data-dependent rotations, similar to certain block ciphers, e.g., RC5. Our analysis suggests that in the case of hash functions, where the attacker has more control over the rotations, this appro...

In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on “original” key recovery for HMAC (previous works only suc...

We revisit the definitions of preimage resistance, focussing on the question of finding a definition that is simple enough to prove security against, yet flexible enough to be of use for most applications. We show that—counter to what was previously thought—Rogaway and Shrimpton’s notion of everywhere preimage resistance on its own does not fit this bill. We thus set out to fix the situation. O...

Knudsen and Preneel (Asiacrypt’96 and Crypto’97) introduced a hash function design in which a linear error-correcting code is used to build a wide-pipe compression function from underlying blockciphers operating in Davies-Meyer mode. Their main design goal was to deliver compression functions with collision resistance up to, and even beyond, the block size of the underlying blockciphers. In thi...

In Eurocrypt 2006, Contini, Lenstra, and Steinfeld proposed a new hash function primitive, VSH, very smooth hash. In this brief paper we offer commentary on the resistance of VSH against some standard cryptanalytic attacks, including preimage attacks and collision search for a truncated VSH. Although the authors of VSH claim only collision resistance, we show why one must be very careful when u...

In this paper, we investigate Keccak — the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function, where new round constants are introduced. We show that for such the variant, collision and preimage attacks are possible. We also identify a class of weak keys for the malicious Keccak working in the MAC mode. Ideas presented in the paper were ver...