SWIFFT: A Modest Proposal for FFT Hashing
Cited by 51 (17 self)
We propose SWIFFT, a collection of compression functions that are highly parallelizable and admit very efficient implementations on modern microprocessors. The main technique underlying our functions is a novel use of the Fast Fourier Transform (FFT) to achieve “diffusion,” together with a linear combination to achieve compression and “confusion.” We provide a detailed security analysis of concrete instantiations, and give a high-performance software implementation that exploits the inherent parallelism of the FFT algorithm. The throughput of our implementation is competitive with that of SHA-256, with additional parallelism yet to be exploited. Our functions are set apart from prior proposals (having comparable efficiency) by a supporting asymptotic security proof: it can be formally proved that finding a collision in a randomly-chosen function from the family (with noticeable probability) is at least as hard as finding short vectors in cyclic/ideal lattices in the worst case.
FFT-Hash-II is not yet Collision-free
, 1992
Cited by 9 (1 self)
In this paper, we show that the FFT-Hash function proposed by Schnorr [2] is not collision free. Finding a collision requires about 2^24 computation of the basic function of FFT. This can be done in few hours on a SUN4 workstation. In fact, it is at most as strong as a one-way hash function which returns a 48 bits length value. Thus, we can invert the proposed FFT hash function with 2^48 basic computations. Some simple improvements of the FFT hash function are also proposed to try to get rid of the weaknesses of FFT. History The first version of FFT-Hashing was proposed by Schnorr during the rump session of Crypto'91 [1]. This function has been shown not to be collision free at Eurocrypt'92 [3]. An improvement of the function has been proposed the same day [2] without the weaknesses discovered. However, FFT-Hashing has still some other weaknesses as it is proved in this paper. 1 FFT-Hash-II, Notations The FFT-hash function is built on a basic function ! : ? which takes one 128b...
Provably secure FFT hashing
 2nd NIST Cryptographic Hash Function Workshop
, 2006
Cited by 5 (2 self)
We propose a new family of collision resistant hash functions with the distinguishing feature of being provably secure. The main technique underlying our functions is a novel use of the Fast Fourier Transform to achieve ideal “diffusion” properties, together with a random linear function to achieve compression and “confusion”. Our functions admit fast implementation both in hardware and software, but are set apart from previous proposals (based on similar building blocks) in the literature by a supporting security proof: it can be formally proven that (asymptotically) finding collisions to our functions (for keys chosen uniformly at random) with non-negligible probability is at least as hard as solving certain lattice problems in the worst case. Our proposal and techniques are based on previous work by Micciancio (FOCS
Design principles for dedicated hash functions
 LECTURE NOTES IN THE COMPUTER JOURNAL, 2007 COMPUTER SCIENCE
, 1994
Cited by 3 (0 self)
Dedicated hash functions are cryptographically secure compression functions which are designed specifically for hashing. They intend to form a practical alternative for hash functions based on another cryptographic primitive like a block cipher or modular squaring. About a dozen of dedicated hash functions have been proposed in the literature. This paper discusses the design principles on which these hash functions are based.
CRYPTOGRAPHIC HASH FUNCTIONS: AN OVERVIEW
Cited by 1 (0 self)
Cryptographic hash functions are a useful building block for several cryptographic applications. The most important are certainly the protection of information authentication and digital signatures. This overview paper will discuss the definitions, describe some attacks on hash functions, and will give an overview of the existing practical constructions.
Cryptographic Hash Functions: A Review
Cryptographic Hash functions are used to achieve a number of security objectives. In this paper, we bring out the importance of hash functions, its various structures, design techniques, attacks and the progressive recent development in this field.
An Efficient Hardware Architecture for Spectral Hash Algorithm
The Spectral Hash algorithm is one of the Round 1 candidates for the SHA-3 family, and is based on spectral arithmetic over a finite field, involving multidimensional discrete Fourier transformations over a finite field, data dependent permutations, Rubic-type rotations, and affine and nonlinear functions. The underlying mathematical structures and operations pose interesting and challenging tasks for computer architects and hardware designers to create fast, efficient, and compact ASIC and FPGA realizations. In this paper, we present an efficient hardware architecture for the full 512-bit hash computation using the spectral hash algorithm. We have created a pipelined implementation on a Xilinx Virtex-4 XC4VLX200-11 FPGA which yields 100 MHz and occupies 38,328 slices, generating a throughput of 51.2 Gbps. Our fully parallel implementation shows that the spectral hash algorithm is about 100 times faster than the fastest SHA-1 implementation, while requiring only about 13 times as many logic slices.
Algorithm Inventors/Developers:
Abstract. We describe a new family of hash functions using the discrete Fourier transform and a nonlinear transformation constructed via data dependent permutations. The discrete Fourier transform is a well-known cryptographic primitive perfect for generating diffusion and confusion. Due to the usage of the discrete Fourier transform with a nonlinear transformation, the proposed hash generation method is immune to known attacks. Since spectral methods yield efficient and
Preimage Attack on Parallel FFT-Hashing
Vaudenay in 1993. The function is a simple and light weight hash algorithm with 128-bit digest. Its basic component is a multipermutation which helps in proving its resistance to collision attacks. In this work we show a preimage attack on Parallel FFT-Hashing with complexity 2^(t+64) + 2^(128−t) and memory 2^t which is less than the generic complexity 2^128. When t = 32, we can find a preimage with complexity 2^97 and memory 2^32. Our method can be described as “disseminative-meet-in-the-middle-attack” we actually use the properties of multipermutation (helpful against collision attack) to our advantage in the attack. Overall, this type of attack (beating the generic one) demonstrates that the structure of Parallel FFT-Hashing has some weaknesses when preimage attack is considered. To the best of our knowledge, this is the first attack on Parallel FFT-Hashing.