Security of VSH in the Real World
In Eurocrypt 2006, Contini, Lenstra, and Steinfeld proposed a new hash function primitive, VSH, very smooth hash. In this brief paper we offer commentary on the resistance of VSH against some standard cryptanalytic attacks, including preimage attacks and collision search for a truncated VSH. Although the authors of VSH claim only collision resistance, we show why one must be very careful when using VSH in cryptographic engineering, where additional security properties are often required.
KeywordsHash Function Random Oracle Compression Function Modular Reduction Cryptographic Hash Function
Unable to display preview. Download preview PDF.
- 1.Bellare, M., Canetti, R., Krawczyk, H.: HMAC: Keyed-Hashing for Message Authentication. IETF RFC 2104 (1997)Google Scholar
- 3.Coppersmith, D.: Analysis of ISO/CCITT Document X.509 Annex D. IBM Research Division, Yorktown Heights, NY (June 11, 1989)Google Scholar
- 4.RSA Laboratories. RSA-1024 Factoring Challenge Number. Available from: http://www.rsasecurity.com/rsalabs/node.asp?id=2093
- 5.Shanks, D.: Class number, a theory of factorization and genera. In: Proc. Symp. Pure Math., pp. 415–550. AMS, Providence (1979)Google Scholar