Current oo-line electronic cash systems are often too complex to implement. In this paper, we propose an eecient oo-line digital cash payment system that still maintains basic security features such as double-spending detection and client anonymity. Using a one-way hash function chain, our method veriies the clients to perform one single online computation (response) for the whole payment.

We illustrate how coding theory was applied in the design of the cryptographic hash function LANE [8]. The generic structure of the LANE compression function could potentially be vulnerable to a class of meet-in-the-middle attacks. While difficult to avoid at first sight, restating the problem in the domain of error correcting codes naturally leads to a simple and elegant solution. This ensures...

We study the following two kinds of one-way hash functions: universal one-way hash functions (UOHs) and collision intractable hash functions (CIHs). The main property of the former is that given an initial-string x, it is computationally diicult to nd a diierent string y that collides with x. And the main property of the latter is that it is computationally diicult to nd a pair x 6 = y of strin...

One-way hash algorithms are an indispensable tool in data security. Over the last decade or so a number of one-way hash algorithms have been designed and many of them have been used in numerous applications. Recent progress in cryptanalytic attacks on one-way hash algorithms by Wang and co-workers, however, has brought up the urgency of research into new and more secure algorithms. The goal of ...

The design principles proposed independently by both Ralph Merkle and Ivan Damgård in 1989 are applied widely in hash functions that are used in practice. The construction reads the message in one message block at a time and applies iteratively a compression function that, given a single message block and a hash value, outputs a new hash value. This iterative structure has some security weaknes...

Chosen-target-forced-prefix (CTFP) preimage resistance is a hash function security property guaranteeing the inability of an attacker to commit to a hash function outcome h without knowing the prefix of the message to be hashed in advance. At EUROCRYPT 2006, Kelsey and Kohno described the herding attack against the Merkle-Damg̊ard design that results in a CTFP-preimage of length about n/3 blocks...

Non-repudiation is one of the most important security services. In this paper we present a novel non-repudiation technique, called Server-Supported Signatures, S 3. It is based on one-way hash functions and traditional digital signatures. One of its highlights is that for ordinary users the use of asymmetric cryptography is limited to signature veriication. S 3 is eecient in terms of computatio...

Recently, Lee and Yang proposed a subliminal scheme which employs an access control in a hierarchy. In their scheme, chief users use a one-way hash function to compute their subordinates’ secret keys with low computation efficiency. And we also find some drawbacks, which are potential loopholes of the security. In this paper, we will show that their scheme suffers inside malicious user attack. ...

In this paper we study the security of hash functions SM3 and BLAKE-256 against boomerang attack. SM3 is designed by X. Wang et al. and published by Chinese Commercial Cryptography Administration Office for the use of electronic certification service system in China. BLAKE is one of the five finalists of the NIST SHA-3 competition submitted by J.-P. Aumasson et al. For SM3, we present boomerang...