Universal One-Way Hash Functions
- 177 Downloads
A Universal One-Way Hash Function (UOWHF) is a class of hash functions indexed by a public parameter (called a key), for which finding a second preimage is hard. The main idea is that first the challenge input is selected, and subsequently the function instance (or parameter) is chosen. Only then should the opponent try to find a second input with the same output as the challenge. A UOWHF is a weaker notion than a collision resistanthash function (CRHF). In a CRHF, the opponent is first given the key and then he has to produce two colliding inputs. Finding collisions for a fixed parameter of a UOWHF may be rather easy, but this will not help the opponent to violate the security requirement, as the instance is chosen after the challenge. This also implies that the birthday paradox does not apply to a UOWHF and a hash result of 80 bits may offer adequate security (in 2004). Simon  has shown that there exists an oracle relative to which a UOWHF exists, but no CRHF.
The concept of UOWHF...
- Bellare, M. and P. Rogaway (1997). “Collision-resistant hashing: Towards making UOWHFs practical.” Advances in Cryptology—CRYPTO'97, Lecture Notes in Computer Science, vol. 1294, ed. B. Kaliski. Springer-Verlag, Berlin, 470–484.Google Scholar
- Lee, W., D. Chang, S. Lee, S. Sung, and N. Nandi (2003). “New parallel domain extenders for UOWHFs.” Advances in Cryptology—ASIACRYPT 2003, Lecture Notes in Computer Science, vol. 2894, ed. C.S. Lai. Springer-Verlag, Berlin, 208–227.Google Scholar
- Mironov, I. (2001). “Hash functions: from Merkle-Damgård to Shoup.” Advances in Cryptology—EUROCRYPT 2001, Lecture Notes in Computer Science, vol. 2045, ed. B. Pfitzmann. Springer-Verlag, Berlin, 166–181.Google Scholar
- Naor, M. and M. Yung (1990). “Universal one-way hash functions and their cryptographic applications.” Proceedings of 21st ACM Symposium on the Theory of Computing, 387–394.Google Scholar
- Rompel, J. (1990). “One-way functions are necessary and sufficient for secure signatures.” Proceedings of 22nd ACM Symposium on the Theory of Computing, ACM, New York, 387–394.Google Scholar
- Shoup, V. (2000). “A composition theorem for universal one-way hash functions.” Advances in Cryptology—EUROCRYPT 2000, Lecture Notes in Computer Science, vol. 1807, ed. B. Preneel. Springer-Verlag, Berlin, 445–452.Google Scholar
- Simon, D. (1998). “Finding collisions on a one-way street: Can secure hash functions be based on general assumptions?” Advances in Cryptology—EUROCRYPT'98, Lecture Notes in Computer Science, vol. 1403, ed. K. Nyberg. Springer-Verlag, Berlin, 334–345.Google Scholar
- Zheng, Y., T. Matsumoto, and H. Imai (1990). “Connections between several versions of one way hash functions.” Transactions on IEICE E, E73 (7), 1092–1099.Google Scholar