Abstract
This paper describes the state of the art for cryptographic hash functions. Different definitions are compared, and the few theoretical results on hash functions are discussed. A brief overview is presented of the most important constructions, and some open problems are presented.
F.W.O. postdoctoral researcher, sponsored by the Fund for Scientific Research-Flanders (Belgium).
© 1999 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Preneel, B. (1999). The State of Cryptographic Hash Functions. In: Damgård, I.B. (eds) Lectures on Data Security. EEF School 1998. Lecture Notes in Computer Science, vol 1561. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48969-X_8
DOI: https://doi.org/10.1007/3-540-48969-X_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65757-6
Online ISBN: 978-3-540-48969-6