Hash Functions: From MerkleDamgård to Shoup
 EUROCRYPT
, 2001
"... In this paper we study two possible approaches to improving existing schemes for constructing hash functions that hash arbitrary long messages. First, we introduce a continuum of function classes that lie between universal oneway hash functions and collisionresistant functions. For some of these c ..."
Abstract

Cited by 17 (0 self)
In this paper we study two possible approaches to improving existing schemes for constructing hash functions that hash arbitrary long messages. First, we introduce a continuum of function classes that lie between universal oneway hash functions and collisionresistant functions. For some
The Design Principle of Hash Function with MerkleDamgård Construction
, 2006
"... The paper discusses the security of compression function and hash function with MerkleDamgard construction and provides the complexity bound of finding a collision and primage of hash function based on the condition probability of compression function y = F (x, k). we make a conclusion that in ..."
Abstract
The paper discusses the security of compression function and hash function with MerkleDamgard construction and provides the complexity bound of finding a collision and primage of hash function based on the condition probability of compression function y = F (x, k). we make a conclusion
Data Security
, 1979
"... The rising abuse of computers and increasing threat to personal privacy through data banks have stimulated much interest m the techmcal safeguards for data. There are four kinds of safeguards, each related to but distract from the others. Access controls regulate which users may enter the system and ..."
Abstract

Cited by 611 (3 self)
of statistical queries and correlating the responses. Statlstmal data banks are much less secure than most people beheve. Data encryption attempts to prevent unauthorized disclosure of confidential information in transit or m storage. This paper describes the general nature of controls of each type, the kinds
Security of Practical Cryptosystems Using MerkleDamg˚ard Hash Function in the Ideal Cipher Model
"... Abstract. Since the MerkleDamg˚ard (MD) type hash functions are differentiable from ROs even when compression functions are modeled by ideal primitives, there is no guarantee as to the security of cryptosystems when ROs are instantiated with structural hash functions. In this paper, we study the se ..."
Abstract
the security of the instantiated cryptosystems whereas the hash functions have the well known structure of MerkleDamg˚ard construction with Stam’s typeII compression function (denoted MDTypeII) in the Ideal Cipher Model (ICM). Note that since the TypeII scheme includes the DaviesMeyer compression function
Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures

, 2003
"... We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as agq1( We propose securitygcur forrouting in sensor networks, show how attacks agacks adhoc and peertopeer networks can be ..."
Abstract

Cited by 789 (3 self)
We consider routing security in wireless sensor networks. Many sensor network routing protocols have been proposed, but none of them have been designed with security as agq1( We propose securitygcur forrouting in sensor networks, show how attacks agacks adhoc and peertopeer networks can
Random Oracles are Practical: A Paradigm for Designing Efficient Protocols
, 1995
"... We argue that the random oracle model  where all parties have access to a public random oracle  provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol P R for the ..."
Abstract

Cited by 1643 (75 self)
for the random oracle model, and then replacing oracle accesses by the computation of an "appropriately chosen" function h. This paradigm yields protocols much more efficient than standard ones while retaining many of the advantages of provable security. We illustrate these gains for problems including
SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks
, 2003
"... An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vec ..."
Abstract

Cited by 522 (8 self)
. In order to support use with nodes of limited CPU processing capability, and to guard against DenialofService attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient oneway hash functions and do not use asymmetric cryptographic
Timing Attacks on Implementations of DiffieHellman, RSA, DSS, and Other Systems
, 1996
"... By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed DiffieHellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known cip ..."
Abstract

Cited by 644 (3 self)
By carefully measuring the amount of time required to perform private key operations, attackers may be able to find fixed DiffieHellman exponents, factor RSA keys, and break other cryptosystems. Against a vulnerable system, the attack is computationally inexpensive and often requires only known
PseudoRandom Generation from OneWay Functions
 PROC. 20TH STOC
, 1988
"... Pseudorandom generators are fundamental to many theoretical and applied aspects of computing. We show howto construct a pseudorandom generator from any oneway function. Since it is easy to construct a oneway function from a pseudorandom generator, this result shows that there is a pseudorandom gene ..."
Abstract

Cited by 887 (22 self)
Pseudorandom generators are fundamental to many theoretical and applied aspects of computing. We show howto construct a pseudorandom generator from any oneway function. Since it is easy to construct a oneway function from a pseudorandom generator, this result shows that there is a pseudorandom
Models and issues in data stream systems
 IN PODS
, 2002
"... In this overview paper we motivate the need for and research issues arising from a new model of data processing. In this model, data does not take the form of persistent relations, but rather arrives in multiple, continuous, rapid, timevarying data streams. In addition to reviewing past work releva ..."
Abstract

Cited by 770 (19 self)
In this overview paper we motivate the need for and research issues arising from a new model of data processing. In this model, data does not take the form of persistent relations, but rather arrives in multiple, continuous, rapid, timevarying data streams. In addition to reviewing past work
