A Design Principle for Hash Functions

  • Ivan Bjerre Damgård
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 435)


We show that if there exists a computationally collision free function f from m bits to t bits where m > t, then there exists a computationally collision free function h mapping messages of arbitrary polynomial lengths to t-bit strings.

Let n be the length of the message. h can be constructed either such that it can be evaluated in time linear in n using 1 processor, or such that it takes time O(log(n)) using O(n) processors, counting evaluations of f as one step. Finally, for any constant k and large n, a speedup by a factor of k over the first construction is available using k processors.

Apart from suggesting a generally sound design principle for hash functions, our results give a unified view of several apparently unrelated constructions of hash functions proposed earlier. It also suggests changes to other proposed constructions to make a proof of security potentially easier.

We give three concrete examples of constructions, based on modular squaring, on Wolfram’s pseudoranddom bit generator [Wo], and on the knapsack problem.


  1. [Da]
    Damgård: “Collision Free Hash Functions and Public Key Signature Schemes”, Proceedings of EuroCrypt 87, Springer.Google Scholar
  2. [De]
    D. Denning: “Digital Signatures with RSA and other Public Key Cryptosystems”, CACM, vol.27, 1984, pp.441–448.MathSciNetGoogle Scholar
  3. [DP]
    Davis and Price: “The Application of Digital Signatures Based on Public Key Crypto-Systems”, Proc. of CompCon 1980, pp.525–530.Google Scholar
  4. [GC]
    Godlewski and Camion: “Manipulation and Errors, Localization and Detection”, Proceedings of EuroCrypt 88, Springer.Google Scholar
  5. [Gi]
    Gibson: “A Collision Free Hash Function and the Discrete Logarithm Problem for a Composite Modulus”, Manuscript, 1/10/88, London, England.Google Scholar
  6. [Gir]
    Girault: “Hash Functions Using Modulo-n Operations”, Proceedings of EuroCrypt 87, Springer.Google Scholar
  7. [GTV]
    Girault, Toffin and Vallée: “Computation of Approximate L-th Roots Modulon and Application to Cryptography”, Proceedings of Crypto 88, Springer.Google Scholar
  8. [ImNa]
    Impagliazzo and Naor: “Efficient Cryptographic Schemes Provably as Secure as Subset Sum”, Proc. of FOCS 89.Google Scholar
  9. [Me]
    Merkle: “One Way Hash Functions and DES”, these proceedings.Google Scholar
  10. [NaYu]
    Naor and Yung: “Universal One-Way Hash Functions”, Proc. of STOC 89.Google Scholar
  11. [Wi]
    Winternitz: “Producing a one-way Hash Function from DES”, Proceedings of Crypto 83, Springer.Google Scholar
  12. [Wo]
    Wolfram: “Random Sequence Generation by Cellular Automata”, Adv. Appl. Math., vol 7, 123–169, 1986.MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Ivan Bjerre Damgård

There are no affiliations available

Personalised recommendations