Characterizing Padding Rules of MD Hash Functions Preserving Collision Security

Nandi, Mridul

doi:10.1007/978-3-642-02620-1_12

Mridul Nandi¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5594))

Included in the following conference series:

Australasian Conference on Information Security and Privacy

660 Accesses
3 Citations

Abstract

This paper characterizes collision preserving padding rules and provides variants of Merkle-Damgård (MD) which are having less or no overhead costs due to length. We first show that suffix-free property of padding rule is necessary as well as sufficient to preserve the collision security of MD hash function for an arbitrary domain {0,1}^*. Knowing this, we propose a simple suffix-free padding rule padding only log|M| bits for a message M, which is less than that of Damgard’s and Sarkar’s padding rules. We also prove that the length-padding is not absolutely necessary. We show that a simple variant of MD with 10^d-padding (or any injective padding) is collision resistant provided that the underlying compression function is collision resistant after chopping the last-bit. Finally, we design another variant of MD hash function preserving all three basic security notions of hash functions, namely collision and (2nd) preimage, which is an improvement over a recently designed (SAC-08) three-property preserving hash function.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Andreeva, E., Preneel, B.: A Three-Property-Preserving Hash Function. To appear in: Selected Areas in Cryptography (2008)
Google Scholar
Bellare, M., Rogaway, P.: Collision-Resistant Hashing: Towards Making UOWHFs Practical. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 470–484. Springer, Heidelberg (1997)
Chapter Google Scholar
Bellare, M., Rogaway, P.: Introduction to Modern Cryptography, http://www-cse.ucsd.edu/~mihir/cse207/classnotes.html
Shoup, V.: Using Hash Functions as a Hedge against Chosen Ciphertext Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 275–288. Springer, Heidelberg (2000)
Chapter Google Scholar
Damgård, I.B.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
Google Scholar
Damgård, I.B.: Collision Free Hash Functions and Public Key Signature Schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1988)
Chapter Google Scholar
Gibson, J.K.: Discrete logarithm hash function that is collision free and one-way. IEE Proceedings-E 138, 407–410 (1991)
Google Scholar
Don., B.J.: Improving Hash Function Padding. NIST hash workshop (2005), http://csrc.nist.gov/groups/ST/hash/documents/Johnson_Padding.pdf
Kelsey, J., Schneier, B.: Second Preimages on n-bit Hash Functions for Much Less than 2ⁿ Work. Cryptology ePrint Archive (2004), http://eprint.iacr.org/2004/304
Merkle, R.: One Way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)
Google Scholar
Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the Twenty First Annual ACM Symposium on Theory of Computing, pp. 33–43. ACM Press, New York (1989)
Google Scholar
NIST/NSA. FIPS 180-2 Secure Hash Standard (August 2002), http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
Rogaway, P.: Formalizing Human Ignorance: Collision-Resistant Hashing without the Keys. Eprint archive (2006), http://eprint.iacr.org/2006/281.pdf
Rogaway, P., Shrimpton, T.: Cryptographic Hash Function Basics: Definitions, Implications, and Separations for Pre-image Resistance, Second Pre-image Resistance, and Collision Resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371–388. Springer, Heidelberg (2004)
Chapter Google Scholar
Sarkar, P.: Domain Extender for Collision Resistant Hash Functions: Improving Upon Merkle-Damgard Iteration. Discrete Applied Mathematics 157(5), 1086–1097 (2009)
Article MathSciNet MATH Google Scholar
Stinson, D.R.: Cryptography: Theory and Practice, 2nd edn. CRC Press, Inc., Boca Raton
Google Scholar
Stinson, D.R.: Some observations on the theory of cryptographic hash functions. ePrint Archive Report (2001), http://eprint.iacr.org/2001/020/

Download references

Author information

Authors and Affiliations

National Institute of Standards and Technology, USA
Mridul Nandi

Authors

Mridul Nandi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Information Security Institute, Queensland University of Technology, GPO Box 2434, Qld 4001, Brisbane, Australia
Colin Boyd
Information Security Institute, Queensland Univ. of Technology, GPO Box 2434, QLD, 4001, Brisbane, Australia
Juan González Nieto

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Nandi, M. (2009). Characterizing Padding Rules of MD Hash Functions Preserving Collision Security. In: Boyd, C., González Nieto, J. (eds) Information Security and Privacy. ACISP 2009. Lecture Notes in Computer Science, vol 5594. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02620-1_12

Download citation

DOI: https://doi.org/10.1007/978-3-642-02620-1_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02619-5
Online ISBN: 978-3-642-02620-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics