Interpreting Hash Function Security Proofs
نویسنده
چکیده
We provide a concrete security treatment of several “provably secure” hash functions. Interpreting arguments behind MQ-HASH, FSB, SWIFFTX and VSH we identify similar lines of reasoning. We aim to formulate the main security claims in a language closer to that of attacks. We evaluate designers’ claims of provable security and quantify them more precisely, deriving “second order” bounds on bounds. While the authors of FSB, MQ-HASH and SWIFFT(X) prove existence of nontrivial lower bounds on security, we show that the quantification of the bounds limits the practical significance of the proofs.
منابع مشابه
An Improved Hash Function Based on the Tillich-Zémor Hash Function
Using the idea behind the Tillich-Zémor hash function, we propose a new hash function. Our hash function is parallelizable and its collision resistance is implied by a hardness assumption on a mathematical problem. Also, it is secure against the known attacks. It is the most secure variant of the Tillich-Zémor hash function until now.
متن کاملSecurity Proofs for the BLT Signature Scheme
We present security proofs for the BLT signature scheme in the model, where hash functions are built from ideal components (random oracles, ideal ciphers, etc.). We show that certain strengthening of the Pre-image Awareness (PrA) conditions like boundedness of the extractor, and certain natural properties (balancedness and the so-called output one-wayness) of the hash function are sufficient fo...
متن کاملLimits of Constructive Security Proofs
The collision-resistance of hash functions is an important foundation of many cryptographic protocols. Formally, collisionresistance can only be expected if the hash function in fact constitutes a parametrized family of functions, since for a single function, the adversary could simply know a single hard-coded collision. In practical applications, however, unkeyed hash functions are a common ch...
متن کاملNew Integrated proof Method on Iterated Hash Structure and New Structures
A secure hash structure in Random Oracle Model may not be a secure model in true design. In this paper, we give an integrated proof method on security proof of iterated hash structure. Based on the proof method, we can distinguish the security of Merkel-Damag̊ard structure, wide-pipe hash, double-pipe hash and 3c hash and know the requirement of true design on compression function, and give a ne...
متن کاملOn a Probabilistic Approach to the Security Analysis of Cryptographic Hash Functions
In this paper we focus on the three basic security requirements for a cryptographic hash function, commonly referred as preimage, second preimage and collision resistance. We examine these security requirements in the case of attacks which do not take advantage on how the hash function is computed, expressing them as success probabilities of suitable randomized algorithms. We give exact mathema...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010