Amplifying Collision Resistance: A Complexity-Theoretic Treatment

We initiate a complexity-theoretic treatment of hardness amplification for collision-resistant hash functions, namely the transformation of weakly collision-resistant hash functions into strongly collision-resistant ones in the standard model of computation. We measure the level of collision resistance by the maximum probability, over the choice of the key, for which an efficient adversary can find a collision. The goal is to obtain constructions with short output, short keys, small loss in adversarial complexity tolerated, and a good trade-off between compression ratio and computational complexity. We provide an analysis of several simple constructions, and show that many of the parameters achieved by our constructions are almost optimal in some sense.

[1]  Krzysztof Pietrzak,et al.  Non-trivial Black-Box Combiners for Collision-Resistant Hash-Functions Don't Exist , 2007, EUROCRYPT.

[2]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[3]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[4]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[5]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[6]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[7]  Ross Anderson,et al.  The Classification of Hash Functions , 1993 .

[8]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[9]  Phillip Rogaway,et al.  Formalizing Human Ignorance , 2006, VIETCRYPT.

[10]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[11]  Ronen Shaltiel Towards proving strong direct product theorems , 2003, computational complexity.

[12]  Leonid Reyzin,et al.  Finding Collisions on a Public Road, or Do Secure Hash Functions Need Secret Coins? , 2004, CRYPTO.

[13]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[14]  Marc Fischlin,et al.  Security-Amplifying Combiners for Collision-Resistant Hash Functions , 2007, CRYPTO.

[15]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[16]  Jean-Sébastien Coron,et al.  Merkle-Damgård Revisited: How to Construct a Hash Function , 2005, CRYPTO.

[17]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[18]  Daniel R. Simon Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? , 1998, EUROCRYPT.

[19]  J. K. Gibson Discrete logarithm hash function that is collision free and one way , 1991 .

[20]  Victor Shoup,et al.  A Composition Theorem for Universal One-Way Hash Functions , 2000, EUROCRYPT.

[21]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[22]  Luca Trevisan,et al.  On Hardness Amplification of One-Way Functions , 2005, TCC.

[23]  Phillip Rogaway,et al.  Formalizing Human Ignorance: Collision-Resistant Hashing without the Keys , 2006, IACR Cryptol. ePrint Arch..

[24]  Bruce Schneier One-way hash functions , 1991 .

[25]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[26]  Hans Dobbertin Cryptanalysis of MD4 , 1996, FSE.

[27]  Aravind Srinivasan,et al.  Chernoff-Hoeffding bounds for applications with limited independence , 1995, SODA '93.

[28]  Cynthia Dwork,et al.  Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III , 2020, Annual International Cryptology Conference.

[29]  Oded Goldreich,et al.  A Sample of Samplers - A Computational Perspective on Sampling (survey) , 1997, Electron. Colloquium Comput. Complex..

[30]  Dan Boneh,et al.  On the Impossibility of Efficiently Combining Collision Resistant Hash Functions , 2006, CRYPTO.

[31]  Giovanni Di Crescenzo,et al.  Randomness-Optimal Characterization of Two NP Proof Systems , 2002, RANDOM.

[32]  Bart Preneel,et al.  Construction of secure and fast hash functions using nonbinary error-correcting codes , 2002, IEEE Trans. Inf. Theory.

[33]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[34]  Phong Q. Nguyen Progress in Cryptology - VIETCRYPT 2006 , 2007 .

[35]  Andrew Chi-Chih Yao,et al.  Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.

[36]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.