## Domain Extender for Collision Resistant Hash Functions Using a Directed Acyclic Graph (2003)

Citations: | 2 - 0 self |

### BibTeX

@TECHREPORT{Sarkar03domainextender,

author = {Palash Sarkar},

title = {Domain Extender for Collision Resistant Hash Functions Using a Directed Acyclic Graph},

institution = {},

year = {2003}

}

### OpenURL

### Abstract

We study the problem of securely extending the domain of a collision resistant compression function. Our rst contribution is to show that given an arbitrary directed acyclic graph and a collision resistant compression function, it is possible to construct a collision resistant hash function. Next we introduce a new technique for constructing a hash function which can handle arbitrary length strings. The amount of padding and the number of invocations of the compression function required by our algorithm is asymptotically smaller compared to the Merkle-Damgard algorithm. Our third contribution is to provide some concrete examples and hence derive the foundation for the design of a secure parallel hash algorithm.

### Citations

2715 | New Direction in Cryptography - Diffee, Hellman - 1976 |

669 |
Cryptography: Theory and Practice
- Stinson
- 1995
(Show Context)
Citation Context ...rticular length. We would like to obtain a function which can handle strings of any length. Techniques to handle arbitrary length strings have been introduced before by Damgard [7] (see also Stinson [=-=14]-=-) for the special case of structures where the underlying DAG is a directed path. It does not seem to be easy to adapt the technique of [7] to the more general case of DAG that we consider here. Thus,... |

288 |
A Design Principle for Hash Functions
- Damg˚ard
- 1989
(Show Context)
Citation Context ...nction is collision resistant provided the compression function is collision resistant. Any method which achieves this is often called a composition priniciple. Early works by Merkle [8] and Damgard [=-=7-=-] provide a secure composition principle which is called the MerkleDamg ard principle. In a recent work, Sarkar and Schellenberg [12] provide a binary tree based parallelizable secure composition prin... |

175 | One way hash functions and DES - Merkle - 1990 |

104 | Toward Realizing Random Oracles: Hash Functions that Hide All Partial Information - Canetti - 1997 |

103 | Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
- Black, Rogaway, et al.
- 2002
(Show Context)
Citation Context ...end in hash function design is to either design them from \scratch" or to design them from other primitives like block ciphers. A recent example of the second technique is the 1 analysis presente=-=d in [3]-=-. In this paper, we concentrate on the theory behind thesrst mentioned method of constructing hash functions. The advantage of designing a hash function from scratch is that one can use simple logical... |

97 |
Collision-Resistant Hashing: Towards Making UOWHFs Practical
- Bellare, Rogaway
- 1997
(Show Context)
Citation Context ...design of hash functions is important from a practical point of view. Previous work in this area have focussed on parallelism in the compression function [4], parallelism in the composition principle =-=[1, 9, 12]-=- and also parallel hash algorithms [11] and other issues related to parallelism [2]. In Section 4, we provide some concrete examples of hashing structures and show that these can be combined nicely to... |

80 | A new paradigm for collision-free hashing: Incrementality at reduced cost
- Bellare, Micciancio
- 1997
(Show Context)
Citation Context ...s area have focussed on parallelism in the compression function [4], parallelism in the composition principle [1, 9, 12] and also parallel hash algorithms [11] and other issues related to parallelism =-=[2]-=-. In Section 4, we provide some concrete examples of hashing structures and show that these can be combined nicely to design a parallel hash function. Issues related to the practicability of the paral... |

70 | Cryptographically strong undeniable signatures, unconditionally secure for the signer,” Interner Bericht, Fakultät für Informatik
- Chaum, Heijst, et al.
- 1990
(Show Context)
Citation Context ...cal and theoretical interest. It is possible to construct a hash function such that obtaining a collision implies the ability to solve the discrete logarithm problem in a cryptographically hard group =-=[6]-=-. This solves the problem in a theoretical sense. However, in practice such a hash function would be unacceptably slow. The current trend in hash function design is to either design them from \scratch... |

47 | The state of cryptographic hash functions
- Preneel
- 1999
(Show Context)
Citation Context ...ave to consider an innite family of hash functions and dene collision resistance by requiring the success probability of any probabilistic polynomial time adversary to be a negligible function. See [1=-=0, 7-=-] for a precise denition of this notion. However, from a practical point of view we need to study the collision resistance of a single function. As mentioned above, the approach is to assume a compres... |

28 | Some Observations on the Theory of Cryptographic Hash Functions. Des. Codes Cryptography - Stinson - 2006 |

12 | A Design for Parallel Architectures
- Bosslaers, Govaerts, et al.
- 1997
(Show Context)
Citation Context ...Merkle-Damgard algorithm. Parallelism in the design of hash functions is important from a practical point of view. Previous work in this area have focussed on parallelism in the compression function [=-=4]-=-, parallelism in the composition principle [1, 9, 12] and also parallel hash algorithms [11] and other issues related to parallelism [2]. In Section 4, we provide some concrete examples of hashing str... |

6 | Parallel FFT-hashing
- Schnorr, Vaudenay
- 1993
(Show Context)
Citation Context ...practical point of view. Previous work in this area have focussed on parallelism in the compression function [4], parallelism in the composition principle [1, 9, 12] and also parallel hash algorithms =-=[11]-=- and other issues related to parallelism [2]. In Section 4, we provide some concrete examples of hashing structures and show that these can be combined nicely to design a parallel hash function. Issue... |

3 |
A Parallel Algorithm for Extending Cryptographic Hash Functions
- Sarkar, Scellenberg
- 2001
(Show Context)
Citation Context ...ed a composition priniciple. Early works by Merkle [8] and Damgard [7] provide a secure composition principle which is called the MerkleDamg ard principle. In a recent work, Sarkar and Schellenberg [1=-=2]-=- provide a binary tree based parallelizable secure composition principle. In the following we write jxj for the length of a string and x 1 jjx 2 for the concatenation of two strings x 1 and x 2 . Also... |

1 |
PARSHA-256: A Parallelizable Hash Function and a Multithreaded Implementation
- Pal, Sarkar
- 2003
(Show Context)
Citation Context ...design of hash functions is important from a practical point of view. Previous work in this area have focussed on parallelism in the compression function [4], parallelism in the composition principle =-=[1, 9, 12]-=- and also parallel hash algorithms [11] and other issues related to parallelism [2]. In Section 4, we provide some concrete examples of hashing structures and show that these can be combined nicely to... |