Revisiting Dedicated and Block Cipher based Hash Functions

Design and analysis of hash functions

2007

A function that compresses an arbitrarily large message into a fixed small size ‘message digest’ is known as a hash function. For the last two decades, many types of hash functions have been defined, but the most widely used in many of the cryptographic applications currently are hash functions based on block ciphers and the dedicated hash functions. Almost all the dedicated hash functions are generated using the Merkle-Damgard construction, which was developed independently by Merkle and Damgard in 1989 [6, 7]. A hash function is said to be broken if an attacker is able to show that the design of the hash function violates at least one of its claimed security properties. There are various types of attacking strategies found on hash functions, such as attacks based on the block ciphers, attacks depending on the algorithm, attacks independent of the algorithm, attacks based on signature schemes, and high level attacks. Besides this, in recent years, many structural weaknesses have been f...

An Overview of Cryptographic Hash Functions

2002

Abstract This report gives a survey on cryptographic hash functions. It gives an overview of different types of hash functions and reviews design principles. It also focuses on keyed hash functions and suggests some applications and constructions of keyed hash functions. We have used hash (keyed) function for authenticating messages encrypted using Rijndael [1] block cipher. Moreover, a parallel message digest has been implemented using VHDL.

Cryptographic hash functions: recent design trends and security notions

2010

Recent years have witnessed an exceptional research interest in cryptographic hash functions, especially after the popular attacks against MD5 and SHA-1 in 2005. In 2007, the U.S. National Institute of Standards and Technology (NIST) also significantly boosted this interest by announcing a public competition to select the next hash function standard, to be named SHA-3. Not surprisingly, the hash function literature has since been growing at an extremely fast pace. In this paper, we provide a comprehensive, up-to-date discussion of the current state of the art of cryptographic hash function security and design. We first discuss the various hash function security properties and notions, then proceed to give an overview of how (and why) hash functions evolved over the years, giving rise to the current diverse hash function design approaches. * A short version of this paper is in . This version has been thoroughly extended. An identical version has been uploaded to the Cryptology ePrint Archive: eprint.iacr.org/2011/565

CRYPTOGRAPHIC HASH FUNCTIONS – A SURVEY

The use of cryptography started from the late 1970s and became more prominent in the 1980s. Commercial use of cryptography started in the late 1990s. Many organizations started using cryptographic tools for information security, but many security challenges were faced by the organizations. The cryptographic designs were having more security flaws. The use of cryptography functions started from MD5 and SHA-1. Now we are going to enter into the digital era, therefore it is very important to discuss the role of cryptographic functions in our day-to-day activities. Cryptographic functions are used for encryption, digital signatures, secure hashing, message (data) authentication codes, key management, entity authentication, password, and random number generation etc. This paper explains the history of the usage, design, concept, and applications of hash functions.

Cryptographic Hash Functions and Attacks – A Detailed Study

International Journal of Advanced Research in Computer Science, 2020

The term hash function has been used in computer science for quite some time and it refers to a function that compresses a string of arbitrary input to a string of fixed length. Cryptographic hash functions are one of the most important tools in the field of cryptography and are used to achieve a number of security goals like authenticity, digital signatures, pseudo number generation, digital steganography, digital time stamping etc. For the past few decades cryptographic hash functions have become the centre of attention in the cryptographic community. The security of hash functions became an important topic as almost every day the world of hash functions is facing a new attack. The present paper provides an extensive study on cryptographic hash functions with their applications, properties and detailed classification, and also presents a detailed description of cryptographic hash algorithms. It also discusses a general classification of all kinds of possible attacks on hash functions and analyses some attacks on specific hash functions.

On the security of dedicated hash functions

1998

Cryptographic hash functions are an important building block for a wide range of applications such as the authentication of information, digital signatures and the protection of pass-phrases. The most popular hash functions are the custom designed iterative hash functions from the MD4 family. Over the years various results on the cryptanalysis of these functions have become available and this paper intends to summarize these results and their impact. We will describe attacks on MD4, MD5 and RIPEMD, and discuss the design and security of the hash functions SHA-1 and RIPEMD-160 which are included in the new standard ISO/IEC 10118-3.

Various Security Analysis of a pfCM-MD Hash Domain Extension and Applications based on the Extension

We propose a new hash domain extension, a prefix-free-Counter-Masking-MD (pfCM-MD). Among security notions for the hash function, we focus on the indifferentiable security notion, by which we can check whether the structure of a given hash function has any weakness or not. Next, we consider the security of HMAC, two new prf constructions, the NIST SP 800-56A key derivation function, and the randomized hashing in NIST SP 800-106, where all of them are based on the pfCM-MD. In particular, due to the counter of the pfCM-MD, the pfCM-MD is secure against all generic second-preimage attacks such as the Kelsey-Schneier attack (20) and Elena et al.'s attack (1). Our proof technique and most of the notations follow those in (6,3,4). Since a standard hash function may be used in various areas, it is very important to identify the security requirements of the hash function for the implementation of secure cryptosystems in each area. Based on such information, designers of hash functions do their best so that a developed hash algorithm may satisfy all of the security requirements. Usually, the security requirements are concentrated on the underlying compression function because most hash functions are designed with a domain extension and an underlying compression function. Therefore, we have to know what kinds of security requirements are needed for the underlying compression function. For the development of SHA-3, NIST (28) recently announced that HMAC (5), alternative pseudorandom function (in short, prf) constructions (which are not fixed and will be proposed by designers of SHA-3 candidates), the NIST SP 800-56A key derivation function (25), the randomized hashing in NIST SP 800-106 (27) and the pseudorandom-bit generator (26) based on a new hash function should be secure. In this paper, except for the pseudorandom-bit generator (26), we consider the security requirements of the underlying compression function of our new domain extension "pfCM-MD" for their security.
In the case of the pseudorandom-bit generator (26), there are two constructions: HMAC DRBG and Hash DRBG. The security of HMAC DRBG depends on the prf security of HMAC based on an underlying hash function (19). Since we prove the prf security of HMAC based on pfCM-MD in Sect. 4, if the compression function of pfCM-MD satisfies some security requirements described in Sect. 4, the security of HMAC DRBG based on pfCM-MD is guaranteed. In the case of Hash DRBG, $T = H(Z) \,\|\, H(Z+1) \,\|\, \cdots \,\|\, H(Z+i)$ is used as a pseudorandom bit string, where $H$ is a hash function, $Z$ is a secret value, and $Z$ is newly updated whenever the bit length of $T$ is larger than $2^{19} - 1$. When the bit-size of $Z$ is less than the block size $b$ of the compression function (see Sect. 2), it can be easily shown that the security of Hash DRBG depends on the rka-prf of the compression function of a hash function in the related-key attack model.

Engineering Aspects of Hash Functions

cerc.wvu.edu

Hash functions have numerous applications in cryptography, from public key to cryptographic protocols and cryptosystems. Evidently, substantial effort was invested in designing "secure" hash functions, unintentionally overlooking other engineering aspects that may affect their use in practice. However, we argue that in some applications, the efficiency of hash functions is as important as their security. Unlike most of the existing related works in the literature (which merely report on efficiency figures of some popular hash functions without discussing how and why these results were obtained), we not only discuss how to carry out efficiency evaluations, we also provide a set of optimization guidelines to assist implementers in optimizing their implementations. We demonstrate this by adopting an existing SHA-1/SHA-2 implementation and show how minor optimization can lead to significant efficiency improvements.

A Critical Look at Cryptographic Hash Function Literature

The cryptographic hash function literature has numerous hash function definitions and hash function requirements, and many of them disagree. This survey talks about the various definitions, and takes steps towards cleaning up the literature by explaining how the field has evolved and accurately depicting the research aims people have today.

MOIM: A NOVEL DESIGN OF CRYPTOGRAPHIC HASH FUNCTION

A hash function usually has two main components: a compression function or permutation function and a mode of operation. In this paper, we propose a new concrete novel design of a permutation-based hash function called MOIM. MOIM is based on concatenating two parallel fast wide pipe constructions as a mode of operation designed by Nandi and Paul, and presented at Indocrypt 2010, where the size of the internal state is significantly larger than the size of the output. The permutation functions used in MOIM are inspired by the SHA-3 finalist Grøstl hash function, which is originally inspired by the Rijndael design (AES). As a consequence there is a very strong confusion and diffusion in MOIM. Also, we show that MOIM resists all the generic attacks and the Joux attack in two defense security levels.