Welcome to the resource topic for 2018/625
Title:
Better Than Advertised: Improved Collision-Resistance Guarantees for MD-Based Hash Functions
Authors: Mihir Bellare, Joseph Jaeger, Julia Len
Abstract:The MD transform that underlies the MD and SHA families iterates a compression function \mathsf{h} to get a hash function \mathsf{H}. The question we ask is, what property X of \mathsf{h} guarantees collision resistance (CR) of \mathsf{H}? The classical answer is that X itself be CR. We show that weaker conditions X, in particular forms of what we call constrained-CR, suffice. This reduces demands on compression functions, to the benefit of security, and also, forensically, explains why collision-finding attacks on compression functions have not, historically, lead to immediate breaks of the corresponding hash functions. We obtain our results via a definitional framework called RS security, and a parameterized treatment of MD, that also serve to unify prior work and variants of the transform.
ePrint: https://eprint.iacr.org/2018/625
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .