Abstract: The connections among the various nonlinearity criteria is currently an important topic in the area of designing and analyzing cryptographic functions. In this paper we show a quantitative relationship between propagation characteristics and nonlinearity, two critical indicators of the cryptographic strength of a Boolean function. We also present a tight lower bound on the nonlinearity of a cryptographic function that has propagation characteristics.

. We give a new definition of keyed hash functions and show its relation with strongly universal hash functions and Cartesian authentication codes. We propose an algorithm for a secure keyed hash function and present preliminary result on its performance. The algorithm can be used for fast (about twice the speed of MD5) and secure message authentication. 1 Introduction Hash functions were introduced in early 1950's [20]. The original aim was to have functions that can uniformly map a large collection of messages into a small set of message digests (or hash values). A useful application of hash functions is for error detection. Appending message digest to the message allows detection of errors during transmission. In the receiving end, the hash value of the received message is recalculated and compared with the received hash value. If they do not match, an error has occurred. This detection is only for random errors. An active spoofer may intercept a message, modify it as he wishes, an...

Dedicated hash functions are cryptographically secure compression functions which are designed specifically for hashing. They intend to form a practical alternative for hash functions based on another cryptographic primitive like a block cipher or modular squaring. About a dozen of dedicated hash functions have been proposed in the literature. This paper discusses the design principles on which these hash functions are based.

Abstract. One-way hash functions are an important toolinachieving authentication and data integrity. The aim of this paper is to propose anovel one-way hash function based on cellular automata whose cryptographic properties have been extensivelystudiedover the past decade or so. Furthermore, security of the proposed one-way hash function is analyzed by the use of very recently published results on applications of cellular automata in cryptography. The analysis indicates that the one-way hash function is secure against all known attacks. An important feature of the proposed one-way hash function is that it is especially suitable for compact and fast implementation in hardware, which is particularly attractive to emerging security applications that employ smart cards, such asdigital identi cation cards and electronic cash payment protocols, 1

Use of encryption algorithms in message authentication is replaced by secure hash functions which are often faster than encryption algorithms. Tsudik [14] has proposed three methods on message authentication which are only based on one-way hash functions and use some keys to make them secure. In this paper, we give a set of practical methods, each of which uses a fast collision free hash function (such as MD5) and provides secure message authentication. The idea of the proposed methods is almost similar to that of Tsudik's, but we are able to reduce the key length eight times compared to the Tsudik's constructions, while maintaining the same security. In our methods, the secret key is added using exclusive-or or assign operators (instead of concatenation) to make them faster. We also have proved that our methods belong to the Secure Keyed One-Way Hash Function (SKOWHF) group, if the underlying hash function is secure. 1 Introduction In today's communication, existence of a fast method...

Abstract. HAVAL is a cryptographic hash function proposed in 1992 by Zheng, Pieprzyk and Seberry. Its has a structure that is quite similar to other well-known hash functions such as MD4 and MD5. The specification of HAVAL includes a security parameter: the number of passes (that is, the number of times that a particular word of the message is used in the computation) can be chosen equal to 3, 4 or 5. In this paper we describe a practical attack that finds collisions for the 3-pass version of HAVAL. This means that it is possible to generate pairs of messages hashing to the same value. The computational complexity of the attack corresponds to about 2 29 computations of the compression function of 3-pass HAVAL; the required amount of memory is negligible. 1

Abstract. This paper presents preimage attacks on the hash functions 3-pass HAVAL and step-reduced MD5. Introduced in 1992 and 1991 respectively, these functions underwent severe collision attacks, but no preimage attack. We describe two preimage attacks on the compression function of 3-pass HAVAL. The attacks have a complexity of about 2 224 compression function evaluations instead of 2 256. We present several preimage attacks on the MD5 compression function that invert up to 47 steps (out of 64) within 2 96 trials instead of 2 128. Although our attacks are not practical, they show that the security margin of 3-pass HAVAL and step-reduced MD5 with respect to preimage attacks is not as high as expected.

A secure network achieves integrity and privacy in communication by employing a shared private key for generation of a MAC and for payload encryption respectively for its messages. A public key cipher method is used for authentication and secret key exchange among remote nodes. Lower layer security mechanisms currently available for ATM networks operate either at frame level or use a combined frame and cell approach that result in in exible and ine cient schemes. In this paper, we investigate network and cryptographic technology requirements and limitations encountered in designing an exclusively cell{based secure ATM network. We also present adesign for a cryptographic security device that can be transparently dropped{in between an ATM user device and network switch to provide secure virtual connections.

The recent collision attacks on the MD hash function family do not depend on the constants used in the function, but rather on its structure (i.e., changing the constants will not affect the differential analysis based attacks). Thus, is seems that the role of constants in maintaining security and preventing these attacks is unclear, at best, for this case and in particular fixing or varying the constants will not matter for these analyses. In this work we present a methodological investigation into the case of block-cipher based PGV hash functions family, and investigate the importance of constants in securing these designs. To this end we consider the twelve variants of the PGV family that yield secure hash in the generic ideal cipher case (as was shown by Black, Rogaway and Shrimpton), but consider them under concrete instantiation. To investigate the role of constant in the key derivation procedure we just ignore the constants. In this more uniform setting we further consider a very regular

We propose a new infinite family of cryptographic hash functions, Edon–R, based on a recently defined candidate one-way function. Edon–R is a class of hash functions with variable output lengths. It is defined using quasigroups and quasigroup string transformations.