Abstract
Multivariate hash functions are hash functions whose compression function is explicitly defined as a sequence of multivariate equations. Billet et al. designed the hash function MQ-HASH, and Ding et al. proposed a similar construction. In this paper, we analyze the security of multivariate hash functions and conclude that low-degree multivariate functions such as MQ-HASH are neither pseudo-random nor unpredictable. Trivial collisions and fixed-point attacks may exist once the parameters of the compression function have been chosen. These functions are also not computation-resistant, which makes MAC forgery easy.
References
Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols [C]//Proc of the 1st ACM Conference on Computer and Communications Security. New York: ACM, 1993: 62–73.
Billet O, Robshaw M, Peyrin T. On building hash functions from multivariate quadratic equations [C]//Proc of ACISP. Berlin: Springer-Verlag, 2007: 82–95.
Ding Jintai, Yang Bo-yin. Multivariates polynomials for Hashing [C]//Proc of Inscrypt 2007. Berlin: Springer-Verlag, 2008: 358–371.
Naor M, Reingold O. From unpredictability to indistinguishability: A simple construction of pseudo-random functions from MACs (extended abstract) [C]//Proc of Crypto 98. Berlin: Springer-Verlag, 1998: 267–282.
Lai Xuejia. Higher order derivatives and differential cryptanalysis [C]//Communications and Cryptography: Two Sides of One Tapestry. Switzerland: Kluwer Academic Publishers, 1994: 227–233.
Knudsen L. Truncated and higher order differentials [C]//Proc of FSE95. Berlin: Springer-Verlag, 1995: 196–211.
Aumasson J P, Meier W. Analysis of multivariate hash functions [C]//Proc of ICISC 2007. Berlin: Springer-Verlag, 2007: 309–323.
Preneel B. The state of cryptographic hash functions [C]//Lectures on Data Security: Modern Cryptology in Theory and Practice. Berlin: Springer-Verlag, 1999: 158–182.
Additional information
Foundation item: the National Natural Science Foundation of China (Nos. 60573032, 60773092, 90604036) and the National High Technology Research and Development Program (863) of China (No. 2007AA01Z456)
About this article
Cite this article
Luo, Yy., Lai, Xj. On the security of multivariate hash functions. J. Shanghai Jiaotong Univ. (Sci.) 14, 219–222 (2009). https://doi.org/10.1007/s12204-009-0219-8
DOI: https://doi.org/10.1007/s12204-009-0219-8