Filters








248 Hits in 4.6 sec

Collisions for the LPS Expander Graph Hash Function [chapter]

Jean-Pierre Tillich, Gilles Zémor
Advances in Cryptology – EUROCRYPT 2008  
We analyse the hash function family based on walks in LPS Ramanujan graphs recently introduced by Charles et al.  ...  We present an algorithm for finding collisions that runs in quasi-linear time in the length of the hashed value. A concrete instance of the hash function is considered, based on a 100-digit prime.  ...  It has two properties relevant to hashing. First, the graph is a good expander (see [3] , [13] for details and [9] for a modern survey on expander graphs).  ... 
doi:10.1007/978-3-540-78967-3_15 dblp:conf/eurocrypt/TillichZ08 fatcat:lsphyrcvjna47hyqbg4pw5wsre

Cryptographic Hash Functions from Expander Graphs

Denis X. Charles, Kristin E. Lauter, Eyal Z. Goren
2007 Journal of Cryptology  
We estimate the cost per bit to compute these hash functions, and we implement our hash function for several members of the Pizer and LPS graph families and give actual timings.  ...  As examples, we investigate two specific families of optimal expander graphs for provable collision resistant hash function constructions: the families of Ramanujan graphs constructed by Lubotzky-Phillips-Sarnak  ...  Acknowledgements The authors thank the anonymous referees for many helpful suggestions to improve the paper.  ... 
doi:10.1007/s00145-007-9002-x fatcat:aeu37cl6fvhmpdlrc5pu22wp7e

Full Cryptanalysis of LPS and Morgenstern Hash Functions [chapter]

Christophe Petit, Kristin Lauter, Jean-Jacques Quisquater
2008 Lecture Notes in Computer Science  
Collisions in the LPS cryptographic hash function of Charles, Goren and Lauter have been found by Zémor and Tillich [16], but it was not clear whether computing preimages was also easy for this hash function  ...  Subsequently, we study the Morgenstern hash, an interesting variant of LPS hash, and break this function as well.  ...  Discussion and Further Work In this paper, we presented efficient algorithms finding preimages for the LPS hash function and collisions for the Morgenstern hash function with q = 2.  ... 
doi:10.1007/978-3-540-85855-3_18 fatcat:qn527l467bhppdjad2usaz3qvi

Cryptographic Hash Functions and Expander Graphs: The End of the Story? [chapter]

Christophe Petit, Jean-Jacques Quisquater
2016 Lecture Notes in Computer Science  
Hash functions from Cayley graphs A few proposals Zémor [Z91] p prime G = SL(2, F p ) S = {( 1 1 0 1 ) , ( 1 0 1 1 )} Ch.  ...  but additional heuristics may help Issue : find good groups G and generator sets S Many angles of attacks as in Morgenstern's Ramanujan graphs Introduction Cayley hash functions Security :  ... 
doi:10.1007/978-3-662-49301-4_19 fatcat:xupxke37nbgjjldjkssvu5umui

Ramanujan Graphs for Post-Quantum Cryptography [chapter]

Hyungrok Jo, Shingo Sugiyama, Yoshinori Yamasaki
2020 Mathematics for Industry  
We also describe the relationship between the security of Cayley hash functions and word problems for group theory.  ...  We introduce a cryptographic hash function based on expander graphs, suggested by Charles et al. '09, as one prominent candidate in post-quantum cryptography.  ...  The authors would like to thank Meghan Delaney for pointing out grammatical errors.  ... 
doi:10.1007/978-981-15-5191-8_17 fatcat:bnonrygdnvaynmkgsbrvkhxmka

Rubik's for Cryptographers

Christophe Petit, Jean-Jacques Quisquater
2013 Notices of the American Mathematical Society  
A constructive proof of Babai's conjecture would make all Cayley hash functions insecure, but on the other hand it would have many positive applications in graph theory and computer science.  ...  These problems arise naturally when describing the security of Cayley hash functions, a class of cryptographic hash functions with very interesting properties.  ...  for giving him the opportunity to present his work.  ... 
doi:10.1090/noti1001 fatcat:6n353wxmo5hhvjsab3di2quz6q

Keyed hash function from large girth expander graphs [article]

Eustrat Zhupa, Monika K. Polak
2019 arXiv   pre-print
In this paper we present an algorithm to compute keyed hash function (message authentication code MAC).  ...  Expander graphs are known to have excellent expansion properties and thus they also have very good mixing properties.  ...  Acknowledgement The authors would like to express their gratitude to Vasyl Ustimenko for sharing his knowledge about graphs D(n, q), which made this research possible.  ... 
arXiv:1903.06267v1 fatcat:pzi4flnqirfj3g76s3a3zbmuti

Addendum to "Scalable secure storage when half the system is faulty" [Inform. Comput. 174 (2)(2002) 203–213]

Noga Alon, Haim Kaplan, Michael Krivelevich, Dahlia Malkhi, Julien Stern
2007 Information and Computation  
More concretely, the probabilistic relaxation of the recovery guarantee allows the use of a cryptographically secure hash function, such as the conjectured collision-resistant hash function , in order  ...  The scheme we previously suggested in [1] 1 requires fingerprinting information of size O(n log n) bits. Our scheme employs expander graphs for redundant cross-checking of fingerprint values.  ...  More concretely, the probabilistic relaxation of the recovery guarantee allows the use of a cryptographically secure hash function, such as the conjectured collision-resistant hash function SHA-1 [7]  ... 
doi:10.1016/j.ic.2006.02.007 fatcat:zlhe255anndkzn5hn2ejr572le

Can Flash Memory Help in Model Checking? [chapter]

Jiří Barnat, Luboš Brim, Stefan Edelkamp, Damian Sulewski, Pavel Šimeček
2009 Lecture Notes in Computer Science  
We provide a model for computation of I/O complexity on the model of Aggarwal and Vitter modified for flash memories.  ...  So far, external memory model checking algorithms have been optimized for mechanical hard disks corresponding to the model of Aggarwal and Vitter [1].  ...  Collisions especially on the background hash table can yield additional burden.  ... 
doi:10.1007/978-3-642-03240-0_14 fatcat:jatfcu7l4zha3eupeb6pqgzbdq

Flash memory efficient LTL model checking

S. Edelkamp, D. Sulewski, J. Barnat, L. Brim, P. Šimeček
2011 Science of Computer Programming  
perfect hash function from RAM to flash memory.  ...  For flash memory efficient on-the-fly LTL model checking, which aims at finding any counter-example to the specified LTL property, we study hash functions adapted to the two-level hierarchy of RAM and  ...  Acknowledgements We would like to thank Martin Dietzfelbinger for his help to derive the lower bound on perfect hashing, Peter Kissmann for his rigorous proof reading, and the anonymous reviewers for the  ... 
doi:10.1016/j.scico.2010.03.005 fatcat:5kkssybrs5dibhqgwyhvsv3xfi

Constructing an efficient hash function from $3$-isogenies

Hikari Tachibana, Katsuyuki Takashima, Tsuyoshi Takagi
2017 JSIAM Letters  
Charles et al. proposed hash functions based on the difficulty of computing isogenies between supersingular elliptic curves.  ...  Moreover, we implement the 2and 3-isogeny hash functions using Magma and show our 3-isogeny proposal has a comparable efficiency with the 2-isogeny one.  ...  The Zémor hash function and the LPS hash function are Cayley graph hash functions. The polynomial-time attacks on these Cayley graph hash functions have already known [7, 8] .  ... 
doi:10.14495/jsiaml.9.29 fatcat:ygtkwofggrf7bobsapm3x6cdu4

Concurrent Robin Hood Hashing

Robert Kelly, Barak A. Pearlmutter, Phil Maguire, Michael Wagner
2018 International Conference on Principles of Distributed Systems  
In this paper we examine the issues involved in adding concurrency to the Robin Hood hash table algorithm.  ...  locality, all of which are essential for high performance on modern computer architectures.  ...  Ideally, the hash function generates a unique index for each key. In reality, however, the keys often have the same hash, creating what is known as a collision.  ... 
doi:10.4230/lipics.opodis.2018.10 dblp:conf/opodis/KellyPM18 fatcat:5vxt7s2wbrckrix77rfm5wakou

Security Analysis of SIMD [chapter]

Charles Bouillaguet, Pierre-Alain Fouque, Gaëtan Leurent
2011 Lecture Notes in Computer Science  
In particular, this means that our distinguisher has a minimal impact on the security of the hash function, and we still have a security proof for the SIMD hash function.  ...  Our bound is in the order of 2 −n/2 using very weak assumptions. Resistance to related key attacks is often overlooked, but it is very important for hash function designs. The Message Expansion.  ...  Acknowledgments We would like to thank Praveen Gauravaram from Technical University of Denmark, Copenhagen for discussions on the proof of indifferentiability.  ... 
doi:10.1007/978-3-642-19574-7_24 fatcat:xkn4kasirrbkbpk3fzqccxzxfe

Ramanujan graphs in cryptography [article]

Anamaria Costache, Brooke Feigon, Kristin Lauter, Maike Massierer, Anna Puskás
2018 arXiv   pre-print
One is based on Lubotzky-Phillips-Sarnak (LPS) graphs and the other one is based on Supersingular Isogeny Graphs. A 2008 paper by Petit-Lauter-Quisquater breaks the hash function based on LPS graphs.  ...  Charles-Goren-Lauter in 2006 [CGL06] proposed two hash functions based on the hardness of finding paths in Ramanujan graphs.  ...  Both graphs were proposed and presented at the 2005 and 2006 NIST Hash Function workshops, but the LPS hash function was quickly attacked and broken in two papers in 2008, a collision attack [TZ08] and  ... 
arXiv:1806.05709v2 fatcat:rt6uqp5ap5dk3c6wutbi2sjhqu

A Cryptographic Hash Function from Markoff Triples [article]

Elena Fuchs, Kristin Lauter, Matthew Litman, Austin Tran
2021 arXiv   pre-print
Cryptographic hash functions from expander graphs were proposed by Charles, Goren, and Lauter in [CGL] based on the hardness of finding paths in the graph.  ...  In this paper, we propose a new candidate for a hash function based on the hardness of finding paths in the graph of Markoff triples modulo p.  ...  The LPS-based hash function was attacked in two subsequent papers, which presented efficient algorithms to find collisions [TZ] , and preimages [PLQ] .  ... 
arXiv:2107.10906v2 fatcat:wv7h4fcxxrbizj62uid2vgatcm
« Previous Showing results 1 — 15 out of 248 results