Finding collisions on a one-way street: Can secure hash functions be based on general assumptions? [chapter]

Daniel R. Simon
1998 Lecture Notes in Computer Science  
We prove the existence of an oracle relative to which there exist seveial well-known cryptographic primitives, including one-way permutations, but excluding (for a suitably strong definition) collision-intractible hash functions. Thus any proof that such functions can be derived from these weaker primitives is necessarily non-relativizing; in particular, no provable construction of a collision-intractable hash function can exist based solely on a "black box" one-way permutation. This result can
more » ... be viewed as a partial justification for the common practice of treating the collision-intractable hash function as a cryptographic primitive, rather than attempting to derive it from a weaker primitive (such as a one-way permutation).
doi:10.1007/bfb0054137 fatcat:oq6qfgldnfesfgdz4wjoxvarmi