Constructing Secure Hash Functions from Weak Compression Functions: The Case for Non-Streamable Hash Functions (2006)
| Citations: | 2 - 0 self |
BibTeX
@MISC{Liskov06constructingsecure,
author = {Moses Liskov},
title = {Constructing Secure Hash Functions from Weak Compression Functions: The Case for Non-Streamable Hash Functions },
year = {2006}
}
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
In a recent paper, Lucks espoused a “failure-friendly” approach to hash function design [12]. We expand on this idea in two main ways. First of all, we consider the notion of a weak ideal compression function, which is vulnerable to strong forms of attack, but is otherwise random. We show that such weak ideal compression functions can be used to create secure hash functions, thereby giving a design that can be used to eliminate attacks caused by many unusual properties of compression functions. Furthermore, the construction we give, which we call the “zipper hash,” is ideal in the sense that the overall hash function is indistinguishable from a random oracle when implemented with ideal building blocks. The zipper hash function is relatively efficient, requiring two compression function evaluations per block of input, but it is not streamable. We also show how to create an ideal compression function from ideal weak compression functions, which can be used in the standard iterated way to make a streamable hash function. However, a comparison of these two constructions, as well as consideration of certain recent attacks against iterated hash functions, lead us to the conclusion that non-streamable hash functions may be worth considering.
Citations
| 267 | A certified digital signature - Merkle - 1989 |
| 231 | A design principle for hash functions - Damgård - 1989 |
| 150 | How to break MD5 and other hash functions - Wang, Yu - 2005 |
| 123 | H.: Finding collisions in the full SHA-1 - Wang, Yin, et al. - 2005 |
| 93 | Analysis and Design of Cryptographic Hash Functions - Preneel - 1993 |
| 78 | An analysis of the blockcipher-based hash functions from PGV - Black, Rogaway, et al. |
| 73 | Multicollisions in Iterated Hash Functions: Application to Cascaded Constructions - Joux |
| 45 | Efficient Collision Search Attacks on SHA-0 - Wang, Yin, et al. - 2005 |
| 37 | Formal Aspects of Mobile Code Security - Dean - 1999 |
| 34 | A failure-friendly design principle for hash functions - Lucks - 2005 |
| 27 | Preimages on n-Bit Hash Functions for Much Less than 2 n Work - Second |
| 16 | T.: Herding Hash Functions and the Nostradamus Attack - Kelsey, Kohno - 2006 |
| 2 | Merkle-damg˚ard revisited:how to construct a hash function - Coron, Dodis, et al. |
| 2 | Hash functions: past, present and future - Preneel - 2005 |
