Filters








33 Hits in 2.4 sec

An Analysis of the Blockcipher-Based Hash Functions from PGV

J. Black, P. Rogaway, T. Shrimpton, M. Stam
2010 Journal of Cryptology  
Our work demonstrates that proving ideal-cipher-model bounds is a feasible and useful step for understanding the security of blockcipher-based hash-function constructions.  ...  Furthermore, by stepping outside of the Merkle-Damgård approach to analysis, we show that an additional 8 of the PGV schemes are just as collision resistant (up to a constant).  ...  For the journal revision, Phil received additional support from NSF award CNS-0904380 and Tom from CNS-0627752 and An Analysis of the Blockcipher-Based Hash Functions from PGV 543 NSF CAREER award CNS-  ... 
doi:10.1007/s00145-010-9071-0 fatcat:mnuhcz7qznet3bnz7gx4afwfdm

Ideal-Cipher (Ir)reducibility for Blockcipher-Based Hash Functions [chapter]

Paul Baecher, Pooya Farshim, Marc Fischlin, Martijn Stam
2013 Lecture Notes in Computer Science  
They define that the random oracle in scheme B reduces to the one in scheme A, if any instantiation H of the random oracle, possibly through an efficient hash function or again by an oracle-based solution  ...  sizes of the hash functions in the schemes.  ...  Acknowledgments The work described in this paper has been supported in part by the European  ... 
doi:10.1007/978-3-642-38348-9_26 fatcat:w4cy6w54mnhvncercylaxlyyxy

Attacks on a double length blockcipher-based hash proposal

Yiyuan Luo, Xuejia Lai, Tiejun Jia
2014 Cryptography and Communications  
In this paper we attack a 2n-bit double length hash function proposed by Lee et al. This proposal is a blockcipher-based hash function with hash rate 2/3.  ...  However, we find a collision attack with complexity of Ω(2 3n/4 ) and a preimage attack with complexity of Ω(2 n ). Our result shows this construction is much worse than an ideal 2n-bit hash function.  ...  The ideal cipher model, also called the black box model, is a formal model for the security analysis of blockcipher-based hash functions.  ... 
doi:10.1007/s12095-014-0117-2 fatcat:zjwse6cfgzhi7j723y6sqs6d6m

Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV [chapter]

John Black, Phillip Rogaway, Thomas Shrimpton
2002 Lecture Notes in Computer Science  
Our work demonstrates that proving ideal-cipher-model bounds is a feasible and useful step for understanding the security of blockcipher-based hash-function constructions.  ...  Furthermore, by stepping outside of the Merkle-Damgård approach to analysis, we show that an additional 8 of the PGV schemes are just as collision resistant (up to a constant).  ...  For the journal revision, Phil received additional support from NSF award CNS-0904380 and Tom from CNS-0627752 and An Analysis of the Blockcipher-Based Hash Functions from PGV 543 NSF CAREER award CNS-  ... 
doi:10.1007/3-540-45708-9_21 fatcat:cup4mcjl5ndqhfvp377prxf2zq

Blockcipher-Based Hashing Revisited [chapter]

Martijn Stam
2009 Lecture Notes in Computer Science  
We revisit the rate-1 blockcipher based hash functions as first studied by Preneel, Govaerts and Vandewalle (Crypto'93) and later extensively analysed by Black, Rogaway and Shrimpton (Crypto'02).  ...  This leads to a clearer understanding of the current classification of rate-1 blockcipher based schemes as introduced by Preneel et al. and refined by Black et al.  ...  certain problems with preimage resistance; and Tom Shrimpton for great advice for the duration of the project.  ... 
doi:10.1007/978-3-642-03317-9_5 fatcat:efaqzxmspjebdenti43nuxhxne

Collision Resistance of Hash Functions in a Weak Ideal Cipher Model

Shoichi HIROSE, Hidenori KUWAKADO
2012 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
This article discusses the provable security of blockcipher-based hash functions. It introduces a new model called a weak ideal cipher model.  ...  It is shown that collision resistant hash functions can be constructed even in this weak model.  ...  Acknowledgements We would like to thank an anonymous reviewer for valuable comments. This work was supported in part by KAKENHI 20300003.  ... 
doi:10.1587/transfun.e95.a.252 fatcat:c22mqie2pzhu5gfa6d5o6wxvpi

On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions [chapter]

John Black, Martin Cochran, Thomas Shrimpton
2005 Lecture Notes in Computer Science  
We say a blockcipher-based hash function is highly-efficient if it makes exactly one blockcipher call for each message block hashed, and all blockcipher calls use a key from K.  ...  In this paper we prove, in the ideal-cipher model, that it is impossible to construct a highly-efficient iterated blockcipher-based hash function that is provably secure.  ...  John Black's work was supported by NSF CAREER-0240000 and a gift from the Boettcher Foundation.  ... 
doi:10.1007/11426639_31 fatcat:qgkpqjus75hflgrjqurbxa3w7q

On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions

J. Black, M. Cochran, T. Shrimpton
2008 Journal of Cryptology  
We say a blockcipher-based hash function is highly-efficient if it makes exactly one blockcipher call for each message block hashed, and all blockcipher calls use a key from K.  ...  In this paper we prove, in the ideal-cipher model, that it is impossible to construct a highly-efficient iterated blockcipher-based hash function that is provably secure.  ...  John Black's work was supported by NSF CAREER-0240000 and a gift from the Boettcher Foundation.  ... 
doi:10.1007/s00145-008-9030-1 fatcat:mcdk4ryxyvcnrnyime4pjwva7e

A synthetic indifferentiability analysis of some block-cipher-based hash functions

Zheng Gong, Xuejia Lai, Kefei Chen
2008 Designs, Codes and Cryptography  
In this article, a synthetic indifferentiability analysis of some blockcipher-based hash functions is considered.  ...  At ASIACRYPT 2006, Chang et al. analyzed the indifferentiability of some popular hash functions based on block ciphers, namely, the twenty collision resistant PGV, the MDC2 and the PBGV hash functions,  ...  Acknowledgments.We would like to thank the anonymous reviewers for helpful comments that improved the presentation of this paper.  ... 
doi:10.1007/s10623-008-9208-4 fatcat:yct5ywai2jdt5mnahzvvpfrvxm

Hash Functions from Defective Ideal Ciphers [chapter]

Jonathan Katz, Stefan Lucks, Aishwarya Thiruvengadam
2015 Lecture Notes in Computer Science  
robust to related-key weaknesses in the underlying cipher Related work • Analysis of PGV functions in the ideal-cipher model [BRS02,BRSS10] • Reducibility of block-cipher-based compression functions [  ...  security of constructions analyzed in the (traditional) idealcipher model • We analyze the classical Preneel-Govaerts-Vandewalle (PGV) constructions of hash functions from block ciphers in our model •  ...  Motivation • Cryptographic constructions based on lowerlevel primitives are often analyzed by modeling the primitive as an ideal object Hash functions and their security • Collision resistance of block-cipher-based  ... 
doi:10.1007/978-3-319-16715-2_15 fatcat:xmq3wx5gxra2zag33mlsgveohu

Efficient Hashing Using the AES Instruction Set [chapter]

Joppe W. Bos, Onur Özen, Martijn Stam
2011 Lecture Notes in Computer Science  
In this work, we provide a software benchmark for a large range of 256-bit blockcipher-based hash functions.  ...  As far as we are aware, this is the first comprehensive performance comparison of multi-block-length hash functions in software.  ...  This work was supported by the Swiss National Science Foundation under grant numbers 200020-132160, 200021-119776, and 200021-122162 and by the European Commission through the ICT programme under contract  ... 
doi:10.1007/978-3-642-23951-9_33 fatcat:4z66rhbbyjabfjurfzjzgf3d5y

The Ideal-Cipher Model, Revisited: An Uninstantiable Blockcipher-Based Hash Function [chapter]

John Black
2006 Lecture Notes in Computer Science  
In particular, we extend work by Canetti, Goldreich and Halevi [5] , and a recent simplification by Maurer, Renner, and Holenstein [14], to exhibit a blockcipher-based hash function that is provably-secure  ...  The Ideal-Cipher Model of a blockcipher is a well-known and widely-used model dating back to Shannon [24] and has seen frequent use in proving the security of various cryptographic objects and protocols  ...  We return h as the digest. The PGV analysis consisted of testing a series of attacks on each of these iterated hash functions.  ... 
doi:10.1007/11799313_21 fatcat:3u4c56plhjc7tfmtyodldiy4sy

On the Impact of Known-Key Attacks on Hash Functions [chapter]

Bart Mennink, Bart Preneel
2015 Lecture Notes in Computer Science  
In this work, we analyze the impact of such attacks on primitive-based hash functions.  ...  Hash functions are often constructed based on permutations or blockciphers, and security proofs are typically done in the ideal permutation or cipher model.  ...  Bart Mennink is a Postdoctoral Fellows of the Research Foundation -Flanders (FWO). The authors would like to thank the anonymous reviewers for their valuable help and feedback.  ... 
doi:10.1007/978-3-662-48800-3_3 fatcat:6aefdwkj65dclmw3qc3dnytuqa

On The Impact Of Known-Key Attacks On Hash Functions

Bart Mennink, Bart Preneel
2015 Lecture Notes in Computer Science  
In this work, we analyze the impact of such attacks on primitive-based hash functions.  ...  Hash functions are often constructed based on permutations or blockciphers, and security proofs are typically done in the ideal permutation or cipher model.  ...  Bart Mennink is a Postdoctoral Fellows of the Research Foundation -Flanders (FWO). The authors would like to thank the anonymous reviewers for their valuable help and feedback.  ... 
doi:10.5281/zenodo.55450 fatcat:5wx6bjfxn5hizmqj3ur2rcwzom

A New Scheme of Blockcipher Hash

Rashed MAZUMDER, Atsuko MIYAJI
2016 IEICE transactions on information and systems  
A cryptographic hash is an important tool in the area of a modern cryptography. It comprises a compression function, where the compression function can be built by a scratch or blockcipher.  ...  Moreover, the number of blockcipher call of this scheme is 2 and it runs in parallel. key words: cryptographic hash, blockcipher, ideal cipher model, weak cipher model, collision and preimage resistance  ...  Theorem 2: Let H NEW be a two calls of 2n bit key, blockcipher hash function.  ... 
doi:10.1587/transinf.2015icp0028 fatcat:hbxzl3a67rfz5bx5lcpmvgwyny
« Previous Showing results 1 — 15 out of 33 results