A failure-friendly design principle for hash functions

A failure-friendly design principle for hash functions (2005)

Cached

Download Links

[th.informatik.uni-mannheim.de]

Other Repositories/Bibliography

DBLP

by Stefan Lucks

Citations:

34 - 6 self

BibTeX

@INPROCEEDINGS{Lucks05afailure-friendly,
    author = {Stefan Lucks},
    title = {A failure-friendly design principle for hash functions},
    booktitle = {},
    year = {2005},
    pages = {474--494},
    publisher = {Springer}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

Abstract. This paper reconsiders the established Merkle-Damg˚ard design principle for iterated hash functions. The internal state size w of an iterated n-bit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security against certain attacks, even if the compression function fails to be collision resistant. We propose the wide-pipe hash, internally using a w-bit compression function, and the double-pipe hash, with w = 2n and an n-bit compression function used twice in parallel.

Citations

231	A design principle for hash functions - Damgård - 1989
206	The random oracle methodology, revisited - Canetti, Halevi
205	Payword and micromint: Two simple micropayment schemes - Rivest, Shamir - 1996
150	How to break MD5 and other hash functions - Wang, Yu - 2005
93	Analysis and Design of Cryptographic Hash Functions - Preneel - 1993
73	Multicollisions in Iterated Hash Functions: Application to Cascaded Constructions - Joux
51	Merkle-Damgård Revisited: How to Construct a Hash Function - Coron, Dodis, et al. - 2005
49	T.: Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance - Rogaway, Shrimpton
27	Preimages on n-Bit Hash Functions for Much Less than 2 n Work - Second
25	RIPEMD-160: A Strengthened Version of - Dobbertin, Bosselaers, et al. - 1996
23	Design validations for discrete logarithm based signature schemes - Brickell, Pointcheval, et al. - 2000
22	On the length of cryptographic hash-values used in identification schemes - Girault, Stern - 1994
19	On the possibility of constructing meaningful hash collisions for public keys - Lenstraand, Weger - 2005
17	Colliding X.509 certificates, Cryptology ePrint Archive - Lenstra, Wang, et al.
13	One-way hash functions and DES - Merkle - 1989
11	Practical Attacks on Digital Signatures Using MD5 Message Digest, Cryptology ePrint Archive - Mikle
7	Security Analysis of a 2/3-Rate Double Length Compression Function in the Black-Box Model - Nandi, Sakurai, et al. - 2005
5	Black-box analysis of the blockcipher- based hash function constructions from PGV - Black, Rogaway, et al.
5	MD5 to be Considered Harmful Someday - Kaminski - 2004
3	More problems with hash functions. The cryptography mailing list. 24 Aug - Finney - 2004
1	The story of Alice and her boss. Eurocrypt 05 rump session. http://th.informatik.uni-mannheim.de/people/lucks/HashCollisions - Daum, Lucks
1	Private communication - Preneel - 2005
1	Efficient collision search attacks on SHA0. Accepted for Crypto 2005 - Wang, Yu, et al.
1	Finding collisions in the full SHA1. Accepted for Crypto 2005 - Wang, Yin, et al.