Filters








37 Hits in 7.3 sec

Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV [chapter]

John Black, Phillip Rogaway, Thomas Shrimpton
2002 Lecture Notes in Computer Science  
Our work demonstrates that proving ideal-cipher-model bounds is a feasible and useful step for understanding the security of blockcipher-based hash-function constructions.  ...  Preneel, Govaerts, and Vandewalle (1993) considered the 64 most basic ways to construct a hash function H : {0, 1} * → {0, 1} n from a blockcipher E: {0, 1} n ×{0, 1} n → {0, 1} n .  ...  For the journal revision, Phil received additional support from NSF award CNS-0904380 and Tom from CNS-0627752 and An Analysis of the Blockcipher-Based Hash Functions from PGV 543 NSF CAREER award CNS-  ... 
doi:10.1007/3-540-45708-9_21 fatcat:cup4mcjl5ndqhfvp377prxf2zq

A synthetic indifferentiability analysis of some block-cipher-based hash functions

Zheng Gong, Xuejia Lai, Kefei Chen
2008 Designs, Codes and Cryptography  
At ASIACRYPT 2006, Chang et al. analyzed the indifferentiability of some popular hash functions based on block ciphers, namely, the twenty collision resistant PGV, the MDC2 and the PBGV hash functions,  ...  First, a more precise definition is proposed on the indifferentiability adversary in block-cipher-based hash functions.  ...  Acknowledgments.We would like to thank the anonymous reviewers for helpful comments that improved the presentation of this paper.  ... 
doi:10.1007/s10623-008-9208-4 fatcat:yct5ywai2jdt5mnahzvvpfrvxm

Ideal-Cipher (Ir)reducibility for Blockcipher-Based Hash Functions [chapter]

Paul Baecher, Pooya Farshim, Marc Fischlin, Martijn Stam
2013 Lecture Notes in Computer Science  
We also relate the ideal ciphers in the PGV constructions with those in double-block-length hash functions such as Tandem-DM, Abreast-DM, and Hirose-DM.  ...  sizes of the hash functions in the schemes.  ...  Acknowledgments The work described in this paper has been supported in part by the European  ... 
doi:10.1007/978-3-642-38348-9_26 fatcat:w4cy6w54mnhvncercylaxlyyxy

Collision Resistance of Hash Functions in a Weak Ideal Cipher Model

Shoichi HIROSE, Hidenori KUWAKADO
2012 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
This article discusses the provable security of blockcipher-based hash functions. It introduces a new model called a weak ideal cipher model.  ...  It is shown that collision resistant hash functions can be constructed even in this weak model.  ...  It is mainly because the collision resistance of a hash function cannot be implied by the pseudorandomness of the underlying block cipher as a black-box [9] .  ... 
doi:10.1587/transfun.e95.a.252 fatcat:c22mqie2pzhu5gfa6d5o6wxvpi

A Generalization of PGV-Hash Functions and Security Analysis in Black-Box Model [chapter]

Wonil Lee, Mridul Nandi, Palash Sarkar, Donghoon Chang, Sangjin Lee, Kouichi Sakurai
2004 Lecture Notes in Computer Science  
In [1] it was proved that 20 out of 64 PGV-hash functions [2] based on block cipher are collision resistant and one-way-secure in blackbox model of the underlying block cipher.  ...  Here, we generalize the definition of PGV-hash function into a hash family and prove that besides the previous 20 hash functions we have 22 more collision resistant and one-way secure hash families.  ...  Conclusion In this paper we first generalized the definition of PGV-hash functions into a PGV-hash families.  ... 
doi:10.1007/978-3-540-27800-9_19 fatcat:sdbn3by2nrec7im7m33ggryqrq

Biclique Cryptanalysis of Full Round AES-128 Based Hashing Modes [chapter]

Donghoon Chang, Mohona Ghosh, Somitra Kumar Sanadhya
2016 Lecture Notes in Computer Science  
In this work, we revisit the security analysis of AES-128 instantiated hash modes. We use biclique cryptanalysis technique as our basis for the attack.  ...  The second preimage attack complexities differ based on the PGV construction chosenthe lowest being 2 126.3 and the highest being 2 126.67 complexity.  ...  proposed 64 basic ways to construct a n-bit compression function from a n-bit block cipher (under a n-bit key). Black et al.  ... 
doi:10.1007/978-3-319-38898-4_1 fatcat:jfjoalmktrbi5knmwr2yxvbjoa

Cryptographic Hash Functions:
暗号学的ハッシュ関数

Kan YASUDA, Yu SASAKI
2010 IEICE ESS FUNDAMENTALS REVIEW  
Shrimpton, "Black-box analysis of the block-cipher-based hash-function constructions from PGV," in CRYPTO 2002, Lecture Notes in Computer Science, M.  ...  Vandewalle, "Hash functions based on block ciphers: A synthetic approach," in CRYPTO 1993, Lecture Notes in Computer Science, D. R. Stinson ed., vol. 773, pp. 368-378, Springer-Verlag, 1993. 4 R. C.  ... 
doi:10.1587/essfr.4.57 fatcat:g4xffnowljdnhp552jvvzj2h7i

Attacks on a double length blockcipher-based hash proposal

Yiyuan Luo, Xuejia Lai, Tiejun Jia
2014 Cryptography and Communications  
In this paper we attack a 2n-bit double length hash function proposed by Lee et al. This proposal is a blockcipher-based hash function with hash rate 2/3.  ...  However, we find a collision attack with complexity of Ω(2 3n/4 ) and a preimage attack with complexity of Ω(2 n ). Our result shows this construction is much worse than an ideal 2n-bit hash function.  ...  The ideal cipher model, also called the black box model, is a formal model for the security analysis of blockcipher-based hash functions.  ... 
doi:10.1007/s12095-014-0117-2 fatcat:zjwse6cfgzhi7j723y6sqs6d6m

Constructing Rate-1 MACs from Related-Key Unpredictable Block Ciphers: PGV Model Revisited [chapter]

Liting Zhang, Wenling Wu, Peng Wang, Lei Zhang, Shuang Wu, Bo Liang
2010 Lecture Notes in Computer Science  
However, the latter MACs offer relatively low efficiency. In this paper, we investigate the feasibility of constructing rate-1 MACs from related-key unpredictable block ciphers.  ...  Almost all current block-cipher-based MACs reduce their security to the pseudorandomness of their underlying block ciphers, except for a few of them to the unpredictability, a strictly weaker security  ...  The authors would like to thank the anonymous referees for their valuable comments. Special thanks to Kan Yasuda for his help to revise this paper.  ... 
doi:10.1007/978-3-642-13858-4_14 fatcat:3xeqkg4laza3nniqcnzu4jw2zi

An Analysis of the Blockcipher-Based Hash Functions from PGV

J. Black, P. Rogaway, T. Shrimpton, M. Stam
2010 Journal of Cryptology  
Our work demonstrates that proving ideal-cipher-model bounds is a feasible and useful step for understanding the security of blockcipher-based hash-function constructions.  ...  Preneel, Govaerts, and Vandewalle (1993) considered the 64 most basic ways to construct a hash function H : {0, 1} * → {0, 1} n from a blockcipher E: {0, 1} n ×{0, 1} n → {0, 1} n .  ...  For the journal revision, Phil received additional support from NSF award CNS-0904380 and Tom from CNS-0627752 and An Analysis of the Blockcipher-Based Hash Functions from PGV 543 NSF CAREER award CNS-  ... 
doi:10.1007/s00145-010-9071-0 fatcat:mnuhcz7qznet3bnz7gx4afwfdm

Open problems in hash function security

Elena Andreeva, Bart Mennink, Bart Preneel
2015 Designs, Codes and Cryptography  
Most of existing hash functions are designed to evaluate a compression function with a finite domain in a mode of operation, and the compression function itself is often designed from block ciphers or  ...  We present a survey on the state of the art in hash function security and modular design analysis.  ...  This work was supported in part by the Research Council KU Leuven: GOA TENSE (GOA/11/007). Elena Andreeva and Bart Mennink are Postdoctoral Fellows of the Research Foundation -Flanders (FWO).  ... 
doi:10.1007/s10623-015-0096-0 fatcat:alir2p5gybgvrbup5jfvjf45te

Indifferentiable Security Analysis of Popular Hash Functions with Prefix-Free Padding [chapter]

Donghoon Chang, Sangjin Lee, Mridul Nandi, Moti Yung
2006 Lecture Notes in Computer Science  
In particular, we observe that there are sixteen PGV hash functions (with prefix-free padding) which are indifferentiable from random oracle model in the ideal cipher model.  ...  also some double block length (DBL) constructions) in the random oracle model and in the ideal cipher model.  ...  Coron et al. stated the indifferentiability of prefix free MD construction in random oracle (or in ideal cipher model in the case of block-cipher based construction).  ... 
doi:10.1007/11935230_19 fatcat:e7iykhabxbg23cbhm6gic2fzfi

Efficient Pseudorandom-Function Modes of a Block-Cipher-Based Hash Function

Shoichi HIROSE, Hidenori KUWAKADO
2009 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
This article discusses the provable security of pseudorandom-function (PRF) modes of an iterated hash function using a block cipher.  ...  It is also confirmed that the MMO compression function is the best choice with MDP among the block-cipher-based compression functions in the Preneel-Govaerts-Vandewalle model in terms of the provable security  ...  This research was supported by the National Institute of Information and Communications Technology, Japan.  ... 
doi:10.1587/transfun.e92.a.2447 fatcat:dazzpeuiobbfhjfhy7mj5klpyu

Cryptanalysis of Lin et al.'s Efficient Block-Cipher-Based Hash Function

Bozhong Liu, Zheng Gong, Xiaohong Chen, Weidong Qiu, Dong Zheng
2010 2010 International Conference on Internet Technology and Applications  
Hash functions are widely used in authentication. In this paper, the security of Lin et al.'s efficient block-cipher-based hash function is reviewed. By using Joux's multicollisions and Kelsey et al.'  ...  s hash construction.  ...  Black-box model is a well-known security model for the analysis of block-cipher-based hash functions.  ... 
doi:10.1109/itapp.2010.5566639 fatcat:exefncyj65htrjmguchm6kqff4

On security arguments of the second round SHA-3 candidates

Elena Andreeva, Andrey Bogdanov, Bart Mennink, Bart Preneel, Christian Rechberger
2012 International Journal of Information Security  
We identify two important classes of security arguments for the new designs: (1) the possible reductions of the hash function security to the security of its underlying building blocks, and (2) arguments  ...  An important criterion in the selection process is the SHA-3 hash function security.  ...  [71] analyzed and categorized 64 block cipher based compression functions. Twelve of them were formally proven secure by Black et al. [25] .  ... 
doi:10.1007/s10207-012-0156-7 fatcat:s2dmf5danrewpptmrpj7qvbuui
« Previous Showing results 1 — 15 out of 37 results