Pseudo random oracle of Merkle-Damgård hash functions revisited
نویسندگان
چکیده
منابع مشابه
Hash Functions: From Merkle-Damgård to Shoup
In this paper we study two possible approaches to improving existing schemes for constructing hash functions that hash arbitrary long messages. First, we introduce a continuum of function classes that lie between universal one-way hash functions and collision-resistant functions. For some of these classes efficient (yielding short keys) composite schemes exist. Second, we prove that the schedul...
متن کاملMerkle-Damgård Revisited: How to Construct a Hash Function
The most common way of constructing a hash function (e.g., SHA-1) is to iterate a compression function on the input message. The compression function is usually designed from scratch or made out of a block-cipher. In this paper, we introduce a new security notion for hash-functions, stronger than collision-resistance. Under this notion, the arbitrary length hash function H must behave as a rand...
متن کاملHow to Fill Up Merkle-Damgård Hash Functions
Many of the popular Merkle-Damg̊ard hash functions have turned out to be not collision-resistant (CR). The problem is that we no longer know if these hash functions are even second-preimage-resistant (SPR) or one-way (OW), without the underlying compression functions being CR. We remedy this situation by introducing the “split padding” into a current Merkle-Damg̊ard hash function H. The patched h...
متن کاملConstructing Secure Hash Functions by Enhancing Merkle-Damgård Construction
Recently multi-block collision attacks (MBCA) were found on the Merkle-Damg̊ard (MD)-structure based hash functions MD5, SHA-0 and SHA-1. In this paper, we introduce a new cryptographic construction called 3C devised by enhancing the MD construction. We show that the 3C construction is at least as secure as the MD construction against single-block and multi-block collision attacks. This is the f...
متن کاملThe Design Principle of Hash Function with Merkle-Damgård Construction
The paper discusses the security of compression function and hash function with Merkle-Damg̊ard construction and provides the complexity bound of finding a collision and primage of hash function based on the condition probability of compression function y = F (x, k). we make a conclusion that in Merkle-Dammåard construction, the requirement of free start collision resistant and free start collis...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Science China Information Sciences
سال: 2019
ISSN: 1674-733X,1869-1919
DOI: 10.1007/s11432-018-9568-2