Article

Domain extender for collision resistant hash functions: Improving upon Merkle–Damgård iteration

Discrete Applied Mathematics (Impact Factor: 0.8). 03/2009; 157(5):1086-1097. DOI: 10.1016/j.dam.2008.03.038
Source: DBLP

ABSTRACT

We study the problem of securely extending the domain of a collision resistant compression function. A new construction based on directed acyclic graphs is described. This generalizes the usual iterated hashing constructions. Our main contribution is to introduce a new technique for hashing arbitrary length strings. Combined with DAG based hashing, this technique gives a new hashing algorithm. The amount of padding and the number of invocations of the compression function required by the new algorithm is smaller than the general Merkle–Damgård algorithm. Lastly, we describe the design of a new parallel hash algorithm.

  • Source
    • "H(·): one way hash function [15]; "
    ABSTRACT: The attractive huge prize causes people to adore lotteries. Due to the very small probability of winning prizes, the players can enhance their probability of winning by using the method of joint purchase. In spite of many lottery schemes having been proposed, most e-lottery schemes focus on the players' privacy or computation overhead rather than support a joint purchase protocol on the Internet. In this paper, we use the multisignature and verifiable random function to construct a secure and fair joint e-lottery scheme. The players can check the lottery integrity, and the winning numbers can be verified publicly.
    Full-text · Article · May 2014
  • Source
    • "Alternatively, one might consider a modification of the classical iterated hash function where message blocks are used more than once. Another approach is to use a parallel design, which is characterized by a directed tree; see [23]. One can also combine these two approaches. "
    ABSTRACT: A multicollision for a function is a set of inputs whose outputs are all identical. A. Joux showed multicollision attacks on the classical iterated hash function. He also showed how these multicollision attacks can be used to get a collision attack on a concatenated hash function. In this paper, we study multicollision attacks in a more general class of hash functions which we term "generalized sequential hash functions." We show that multicollision attacks exist for this class of hash functions provided that every message block is used at most twice in the computation of the message digest.
    Full-text · Article · Mar 2007 · IEEE Transactions on Information Theory
  • Source
    • "Alternatively, one might consider a modification of the classical iterated hash function where message blocks are used more than once. Another approach is to use a parallel design, which is characterized by a directed tree; see [16]. One can also combine these two approaches. "
    ABSTRACT: In a recent paper, A. Joux (7) showed multicollision attacks on the classical iterated hash function. (A multicollision is a set of inputs whose hash values are the same.) He also showed how the multicollision attacks can be used to get a collision attack on the concatenated hash function. In this paper, we first try to fix the attack by introducing a natural and wide class of hash functions. However, we show that the multicollision attacks also exist in this general class. Thus, we rule out a natural and wide class of hash functions as candidates for multicollision secure hash functions.
    Full-text · Article · Jan 2005