Abstract
In this paper we study two possible approaches to improving existing schemes for constructing hash functions that hash arbitrary long messages. First, we introduce a continuum of function classes that lie between universal one-way hash functions and collision-resistant functions. For some of these classes efficient (yielding short keys) composite schemes exist. Second, we prove that the schedule of the Shoup construction, which is the most efficient composition scheme for universal one-way hash functions known so far, is optimal.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Supported by NSF contract #CCR-9984259
References
M. Blum, “Coin flipping by telephone,” CRYPTO 81, pp. 11–15, 1981.
M. Bellare, P. Rogaway, “Collision-resistant hashing: towards making UOWHFs practical,” Proc. of CRYPTO 97, pp. 470–484, Full version of this paper is available from http://www-cse.ucsd.edu/users/mihir/, 1997.
I. Damgård, “A design principle for hash functions,” Proc. of CRYPTO 89, pp. 416–427, 1989.
R. Gennaro, L. Trevisan, “Lower bounds on the efficiency of generic cryptographic constructions,” Proc. of FOCS'00, pp. 305–313, 2000.
J. Hastad, R. Impagliazzo, L. Levin, M. Luby, ”A pseudo-random generator from any one-way function,” SIAM J. Computing, 28(4):1364–1396, 1999.
J.H. Kim, D. Simon, P. Tetali, “Limits on the efficiency of one-way permutation-based hash functions,” Proc. of FOCS'99, pp. 535–542, 1999.
X. Lai, J. Massey, “Hash function based on block ciphers,” Proc. of EUROCRYPT 92, pp. 55–70, 1992.
R. Merkle, “One way hash functions and DES,” Proc. of CRYPTO 89, pp. 428–446, 1989.
M. Naor, “Bit commitment using pseudorandomness,” J. Cryptology, 4(2): 151–158, 1991.
M. Naor, M. Yung, “Universalone-w ay hash functions and their cryptographic applications,” Proc. of STOC'89, pp. 33–43, 1989.
J. Rompel, “One-way functions are necessary and sufficient for secure signatures,” Proc. of STOC'90, pp. 387–394, 1990.
A. Russell, “Necessary and sufficient condtions for collision-free hashing,” J. of Cryptology 8(2), pp. 87–100, 1995.
T. Schweinberger, V. Shoup, “ACE: The Advanced Cryptographic Engine,” Manuscript. Available from http://www.shoup.net, 2000.
V. Shoup, “A composite theorem for universalone-w ay hash functions,” Proc. of EUROCRYPT 2000, pp. 445–452, 2000.
D. Simon, “Finding collisions on a one-way street: Can secure hash functions be based on general assumptions?” Proc. of EUROCRYPT 98, pp. 334–345, 1998.
Y. Zheng, T. Matsumoto, H. Imai, “Structuralprop erties of one-way hash functions,” Proc. of Crypto 90, pp. 285–302, 1990.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mironov, I. (2001). Hash Functions: From Merkle-Damgård to Shoup. In: Pfitzmann, B. (eds) Advances in Cryptology — EUROCRYPT 2001. EUROCRYPT 2001. Lecture Notes in Computer Science, vol 2045. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44987-6_11
Download citation
DOI: https://doi.org/10.1007/3-540-44987-6_11
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42070-5
Online ISBN: 978-3-540-44987-4
eBook Packages: Springer Book Archive