The State of Hash Functions and the NIST SHA-3 Competition

Extended Abstract

  • Conference paper
Information Security and Cryptology (Inscrypt 2008)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 5487)

Abstract

Cryptographic hash functions play a central role in applications of cryptography. In spite of this, there has been only limited interest in theoretical work on their definitions and foundations. Until recently, there were about a hundred practical designs, of which more than three quarters are broken, and the most widely used hash functions were MD5 and SHA-1. Cryptanalysis during the 1990s showed that these functions offered only a very limited security margin, and in 2004 Wang et al. managed to enhance differential cryptanalysis to a point where finding collisions for MD5 became very easy; for SHA-1 a substantial reduction of the security margin was obtained. This breakthrough has resulted in a flurry of research, both more theoretical research and new constructions. NIST announced in November 2007 that it would organize the SHA-3 competition, with the goal of selecting a new hash function family by 2012. On October 31, 2008, 64 submissions were received, 51 of which have been selected for the first round. This extended abstract presents a brief outline of the state of the art of hash functions at the beginning of the competition and tries to clarify the context in which this competition is starting.

References

  1. Ajtai, M.: Generating hard instances of lattice problems. In: Proceedings 28th ACM Symposium on the Theory of Computing, pp. 99–108 (1996)

  2. Andreeva, E., Neven, G., Preneel, B., Shrimpton, T.: Seven-property-preserving iterated hashing: ROX. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 130–146. Springer, Heidelberg (2007)

  3. Barreto, P.S.L.M., Rijmen, V.: The Whirlpool hashing function. NESSIE submission (September 2000)

  4. Bellare, M.: New proofs for NMAC and HMAC: Security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006)

  5. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)

  6. Bellare, M., Goldreich, O., Goldwasser, S.: Incremental cryptography: the case of hashing and signing. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 216–233. Springer, Heidelberg (1994)

  7. Bellare, M., Ristenpart, T.: Multi-property-preserving hash domain extension and the EMD transform. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 299–314. Springer, Heidelberg (2006)

  8. Bellovin, S.M., Rescorla, E.K.: Deploying a new hash algorithm. In: Proceedings of the Network and Distributed System Security Symposium, NDSS 2006, The Internet Society (2006)

  9. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008)

  10. Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)

  11. Biham, E., Dunkelman, O.: A framework for iterative hash functions – HAIFA. In: Proceedings Second NIST Hash Functions Workshop 2006, Santa Barbara (CA), USA (August 2006)

  12. Black, J.A., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)

  13. Brachtl, B.O., Coppersmith, D., Hyden, M.M., Matyas, S.M., Meyer, C.H., Oseas, J., Pilpel, S., Schilling, M.: Data Authentication Using Modification Detection Codes Based on a Public One Way Encryption Function, U.S. Patent Number 4,908,861, March 13 (1990)

  14. Chabaud, F., Joux, A.: Differential collisions in SHA-0. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56–71. Springer, Heidelberg (1998)

  15. Charles, D.X., Goren, E.Z., Lauter, K.E.: Cryptographic hash functions from expander graphs. In: Proceedings Second NIST Hash Functions Workshop 2006, Santa Barbara (CA), USA (August 2006)

  16. Contini, S., Lenstra, A.K., Steinfeld, R.: VSH, an efficient and provable collision-resistant hash function. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 165–182. Springer, Heidelberg (2006)

  17. Coppersmith, D.: Analysis of ISO/CCITT Document X.509 Annex D. IBM T.J. Watson Center, Yorktown Heights, N.Y., 10598, Internal Memo, June 11 (1989) (also ISO/IEC JTC1/SC20/WG2/N160)

  18. Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård revisited: How to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)

  19. Damgård, I.B.: Collision free hash functions and public key signature schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1988)

  20. Damgård, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)

  21. Dean, R.D.: Formal aspects of mobile code security. PhD thesis, Princeton University (January 1999)

  22. De Cannière, C., Rechberger, C.: Preimages for reduced SHA-0 and SHA-1. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 179–202. Springer, Heidelberg (2008)

  23. den Boer, B., Bosselaers, A.: Collisions for the compression function of MD-5. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 293–304. Springer, Heidelberg (1994)

  24. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. on Information Theory IT-22(6), 644–654 (1976)

  25. Dobbertin, H.: The status of MD5 after a recent attack. CryptoBytes 2(2), 1–6 (Summer, 1996)

  26. Dobbertin, H., Bosselaers, A., Preneel, B.: RIPEMD-160: a strengthened version of RIPEMD. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 71–82. Springer, Heidelberg (1996), http://www.esat.kuleuven.ac.be/~bosselae/ripemd160

  27. ECRYPT II, The SHA-3 Zoo, http://ehash.iaik.tugraz.at/wiki/The_SHA-3_Zoo

  28. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

  29. FIPS 46, Data Encryption Standard, Federal Information Processing Standard, NBS, U.S. Department of Commerce (January 1977) (revised as FIPS 46-1 (1988); FIPS 46-2 (1993), FIPS 46-3 (1999))

  30. FIPS 180-1, Secure Hash Standard, Federal Information Processing Standard (FIPS), Publication 180-1, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., April 17 (1995)

  31. FIPS 180-2, Secure Hash Standard, Federal Information Processing Standard (FIPS), Publication 180-2, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., August 26 (Change notice 1 published on December 1 2002) (2002)

  32. Fleischmann, E., Forler, C., Gorski, M.: Classification of the SHA-3 candidates, February 1 (2009), http://eprint.iacr.org/2008/511.pdf

  33. Hirose, S.: Some plausible constructions of double-block-length hash functions. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 210–225. Springer, Heidelberg (2006)

  34. Indesteege, S., Mendel, F., Preneel, B., Rechberger, C.: Collisions and other non-random properties for step-reduced SHA-256. In: Avanzi, R., Keliher, L., Sica, F. (eds.) Selected Areas in Cryptography – SAC 2008. LNCS. Springer, Heidelberg (in print, 2009)

  35. ISO/IEC 10118, Information technology – Security techniques – Hash-functions, Part 1: General (2000), Part 2: Hash-functions using an n-bit block cipher algorithm (2000), Part 3: Dedicated hash-functions (2003), Part 4: Hash-functions using modular arithmetic (1998)

  36. Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

  37. Kaliski Jr., B.S.: The MD2 Message-Digest algorithm. Request for Comments (RFC) 1319, Internet Activities Board, Internet Privacy Task Force (April 1992)

  38. Kelsey, J., Kohno, T.: Herding hash functions and the Nostradamus attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 183–200. Springer, Heidelberg (2006)

  39. Kelsey, J., Schneier, B.: Second preimages on n-bit hash functions for much less than 2^n work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)

  40. Klima, V.: Tunnels in hash functions: MD5 collisions within a minute. IACR ePrint archive (2006), http://eprint.iacr.org/2006/105.pdf

  41. Knudsen, L.R., Lai, X., Preneel, B.: Attacks on fast double block length hash functions. Journal of Cryptology 11(1), 59–72 (Winter 1998)

  42. Lai, X., Massey, J.L.: Hash functions based on block ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 55–70. Springer, Heidelberg (1993)

  43. Leurent, G.: MD4 is not one-way. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 412–428. Springer, Heidelberg (2008)

  44. Manuel, S., Peyrin, T.: Collisions on SHA-0 in one hour. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 16–35. Springer, Heidelberg (2008)

  45. Maurer, U.M., Renner, R.S., Holenstein, C.: Indifferentiability, impossibility results on reductions, and applications to the random oracle methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004)

  46. Merkle, R.: Secrecy, Authentication, and Public Key Systems. UMI Research Press (1979)

  47. Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)

  48. Merkle, R.: A fast software one-way hash function. Journal of Cryptology 3(1), 43–58 (1990)

  49. Miyaguchi, S., Iwata, M., Ohta, K.: New 128-bit hash function. In: Proceedings 4th International Joint Workshop on Computer Communications, Tokyo, Japan, July 13–15, pp. 279–288 (1989)

  50. Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings 21st ACM Symposium on the Theory of Computing, pp. 387–394 (1990)

  51. NIST SHA-3 Competition, http://csrc.nist.gov/groups/ST/hash/

  52. Pal, P., Sarkar, P.: PARSHA-256 – A new parallelizable hash function and a multithreaded implementation. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 347–361. Springer, Heidelberg (2003)

  53. Patarin, J.: Collisions and inversions for Damgård's whole hash function. In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 307–321. Springer, Heidelberg (1995)

  54. Preneel, B.: Analysis and design of cryptographic hash functions. Doctoral Dissertation, Katholieke Universiteit Leuven (1993)

  55. Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: A synthetic approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368–378. Springer, Heidelberg (1994)

  56. Rabin, M.O.: Digitalized signatures. In: Lipton, R., DeMillo, R. (eds.) Foundations of Secure Computation, pp. 155–166. Academic Press, New York (1978)

  57. Rivest, R.L.: The MD4 message digest algorithm. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 303–311. Springer, Heidelberg (1991)

  58. Rivest, R.L.: The MD5 message-digest algorithm. Request for Comments (RFC) 1321, Internet Activities Board, Internet Privacy Task Force (April 1992)

  59. Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371–388. Springer, Heidelberg (2004)

  60. Rogaway, P., Steinberger, J.P.: Constructing cryptographic hash functions from fixed-key blockciphers. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 433–450. Springer, Heidelberg (2008)

  61. Saarinen, M.-J.O.: Security of VSH in the real world. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 95–103. Springer, Heidelberg (2006)

  62. Sanadhya, S.K., Sarkar, P.: New collision attacks against up to 24-step SHA-2. In: Roy Chowdhury, D., Rijmen, V., Das, A. (eds.) Progress in Cryptology – Indocrypt 2008. LNCS, vol. 5365, pp. 91–103. Springer, Heidelberg (2008)

  63. Sasaki, Y., Aoki, K.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R., Keliher, L., Sica, F. (eds.) Selected Areas in Cryptography – SAC 2008. LNCS. Springer, Heidelberg (in print, 2009)

  64. Sotirov, A., Stevens, M., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D.A., de Weger, B.: MD5 considered harmful today. Creating a rogue CA certificate, http://www.win.tue.nl/hashclash/rogue-ca/

  65. Stam, M.: Beyond uniformity: Better security/efficiency tradeoffs for compression functions. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 397–412. Springer, Heidelberg (2008)

  66. Stam, M.: Blockcipher based hashing revisited. In: Dunkelman, O. (ed.) Fast Software Encryption 2009. LNCS. Springer, Heidelberg (to appear, 2009)

  67. Steinberger, J.P.: The collision intractability of MDC-2 in the ideal-cipher model. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 34–51. Springer, Heidelberg (2007)

  68. Tillich, J.-P., Zémor, G.: Collisions for the LPS expander graph hash function. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 254–269. Springer, Heidelberg (2008)

  69. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)

  70. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)

  71. Wang, X., Yu, H., Yin, Y.L.: Efficient collision search attacks on SHA-0. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 1–16. Springer, Heidelberg (2005)

  72. Winternitz, R.: A secure one-way hash function built from DES. In: Proceedings IEEE Symposium on Information Security and Privacy, pp. 88–90. IEEE Press, Los Alamitos (1984)

  73. Yasuda, K.: How to fill up Merkle-Damgård hash functions. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 272–289. Springer, Heidelberg (2008)

  74. Yuval, G.: How to swindle Rabin. Cryptologia 3, 187–189 (1979)

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Preneel, B. (2009). The State of Hash Functions and the NIST SHA-3 Competition. In: Yung, M., Liu, P., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2008. Lecture Notes in Computer Science, vol 5487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01440-6_1

  • DOI: https://doi.org/10.1007/978-3-642-01440-6_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-01439-0

  • Online ISBN: 978-3-642-01440-6

  • eBook Packages: Computer Science, Computer Science (R0)