Abstract
We revisit the definitions of preimage resistance, focussing on the question of finding a definition that is simple enough to prove security against, yet flexible enough to be of use for most applications. We give an in-depth analysis of existing preimage resistance notions, introduce several new notions, and establish relations and separations between the known and new preimage notions. This establishes a clear separation between domain-oriented and range-oriented preimage resistance notions. For the former an element is chosen from the domain and hashed to form the target digest; for the latter the target digest is chosen directly from the range.
In particular, we show that Rogaway and Shrimpton’s notion of everywhere preimage resistance on its own is less powerful than previously thought. However, we prove that in conjunction with collision resistance, everywhere preimage resistance implies ‘ordinary’ (domain-based) preimage resistance. We show the implications of our result for iterated hash functions and hash chains, where the latter is related to the Winternitz one-time signature scheme.
This work has been funded in part by the IAP Program P6/26 BCRYPT of the Belgian State (Belgian Science Policy), in part by the European Commission through the ICT program under contract ICT-2007-216676 ECRYPT II, and in part by the Research Council K.U.Leuven: GOA TENSE. The first author is funded by a Ph.D. Fellowship from the Flemish Research Foundation (FWO-Vlaanderen). The work was initiated when the second author was at LACAL, EPFL (Switzerland).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Andreeva, E., Neven, G., Preneel, B., Shrimpton, T.: Seven-Property-Preserving Iterated Hashing: ROX. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 130–146. Springer, Heidelberg (2007)
Avoine, G., Junod, P., Oechslin, P.: Characterization and Improvement of Time-Memory Trade-Off Based on Perfect Tables. ACM Trans. Inf. Syst. Secur. 11(4) (2008)
Bellare, M., Kohno, T.: Hash Function Balance and its Impact on Birthday Attacks. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 401–418. Springer, Heidelberg (2004)
Black, J., Rogaway, P., Shrimpton, T.: Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)
Black, J., Rogaway, P., Shrimpton, T., Stam, M.: An Analysis of the Block-Cipher-Based Hash Functions from PGV. Journal of Cryptology 23(4), 519–545 (2010)
Brassard, G. (ed.): CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
Cachin, C.: Unconditional Security in Cryptography. Ph.D. thesis, ETH Zürich (1997)
Damgård, I.: A Design Principle for Hash Functions. In: Brassard [6], pp. 416–427
Dods, C., Smart, N.P., Stam, M.: Hash Based Digital Signature Schemes. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 96–115. Springer, Heidelberg (2005)
Even, S., Goldreich, O., Micali, S.: On-Line/Off-Line Digital Signatures. Journal of Cryptology 9(1), 35–67 (1996)
Hellman, M.: A Cryptanalytic Time-Memory Trade Off. IEEE Transactions on Information Theory 26(4), 401–406 (1980)
Hevia, A., Micciancio, D.: The Provable Security of Graph-Based One-time Signatures and Extensions to Algebraic Signature Schemes. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 379–396. Springer, Heidelberg (2002)
Merkle, R.C.: A Certified Digital Signature. In: Brassard [6], pp. 218–238
Merkle, R.C.: One Way Hash Functions and DES. In: Brassard [6], pp. 428–446
Neven, G., Smart, N., Warinschi, B.: Hash Function Requirements for Schnorr Signatures. Journal of Mathematical Cryptology 3(1), 69–87 (2009)
Preneel, B.: Analysis and Design of Cryptographic Hash Functions. Ph.D. thesis, Katholieke Universiteit Leuven (1993)
Rivest, R.L.: The MD6 Hash Function – a Proposal to NIST for SHA-3. Submission to NIST (2008)
Rogaway, P., Shrimpton, T.: Cryptographic Hash-Function Basics: Definitions, Implications and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance. In: Roy, B.K., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371–388. Springer, Heidelberg (2004)
Rogaway, P.: On the Role Definitions in and Beyond Cryptography. In: Maher, M.J. (ed.) ASIAN 2004. LNCS, vol. 3321, pp. 13–32. Springer, Heidelberg (2004)
Rogaway, P.: Formalizing Human Ignorance. In: Nguyen, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 211–228. Springer, Heidelberg (2006)
Stam, M.: Blockcipher-Based Hashing Revisited. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 67–83. Springer, Heidelberg (2009)
Verheul, E.R.: Selecting Secure Passwords. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 49–66. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Andreeva, E., Stam, M. (2011). The Symbiosis between Collision and Preimage Resistance. In: Chen, L. (eds) Cryptography and Coding. IMACC 2011. Lecture Notes in Computer Science, vol 7089. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25516-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-25516-8_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25515-1
Online ISBN: 978-3-642-25516-8
eBook Packages: Computer ScienceComputer Science (R0)