Collision Resistant Hashing for Paranoids: Dealing with Multiple Collisions

A collision resistant hash (CRH) function is one that compresses its input, yet it is hard to find a collision, i.e. a \(x_1 \ne x_2\) s.t. \(h(x_1) = h(x_2)\). Collision resistant hash functions are one of the more useful cryptographic primitives both in theory and in practice and two prominent applications are in signature schemes and succinct zero-knowledge arguments.

[1]  Ueli Maurer,et al.  Domain Extension of Public Random Functions: Beyond the Birthday Barrier , 2007, CRYPTO.

[2]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[3]  Amit Sahai,et al.  Can Statistical Zero Knowledge Be Made Non-interactive? or On the Relationship of SZK and NISZK , 1998, CRYPTO.

[4]  Omer Reingold,et al.  Finding Collisions in Interactive Protocols - Tight Lower Bounds on the Round and Communication Complexities of Statistically Hiding Commitments , 2015, SIAM J. Comput..

[5]  Antoine Joux,et al.  Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions , 2004, CRYPTO.

[6]  Oded Goldreich,et al.  Universal arguments and their applications , 2002, Proceedings 17th IEEE Annual Conference on Computational Complexity.

[7]  Venkatesan Guruswami,et al.  Linear time encodable and list decodable codes , 2003, STOC '03.

[8]  Boaz Barak,et al.  How to go beyond the black-box simulation barrier , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[9]  Don Coppersmith,et al.  Another Birthday Attack , 1986, CRYPTO.

[10]  Jonathan Katz,et al.  On Constructing Universal One-Way Hash Functions from Arbitrary One-Way Functions , 2005, IACR Cryptol. ePrint Arch..

[11]  Enkatesan G Uruswami Unbalanced expanders and randomness extractors from Parvaresh-Vardy codes , 2008 .

[12]  Yael Tauman Kalai,et al.  Multi-collision resistance: a paradigm for keyless hash functions , 2018, IACR Cryptol. ePrint Arch..

[13]  Amnon Ta-Shma,et al.  Explicit, almost optimal, epsilon-balanced codes , 2017, Electron. Colloquium Comput. Complex..

[14]  Moni Naor,et al.  Small-Bias Probability Spaces: Efficient Constructions and Applications , 1993, SIAM J. Comput..

[15]  Christos H. Papadimitriou,et al.  On the Complexity of the Parity Argument and Other Inefficient Proofs of Existence , 1994, J. Comput. Syst. Sci..

[16]  Victor Shoup,et al.  A Composition Theorem for Universal One-Way Hash Functions , 2000, EUROCRYPT.

[17]  Ilya Mironov,et al.  Collision-Resistant No More: Hash-and-Sign Paradigm Revisited , 2006, Public Key Cryptography.

[18]  Russell Impagli A Personal View of Average-Case Complexity , 1995 .

[19]  Gil Segev,et al.  Limits on the Power of Indistinguishability Obfuscation and Functional Encryption , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[20]  Venkatesan Guruswami,et al.  Improved decoding of Reed-Solomon and algebraic-geometry codes , 1999, IEEE Trans. Inf. Theory.

[21]  Brett Hemenway,et al.  Linear-Time List Recovery of High-Rate Expander Codes , 2015, ICALP.

[22]  Ivan Damgård,et al.  On the existence of statistically hiding bit commitment schemes and fail-stop signatures , 1994, Journal of Cryptology.

[23]  Larry Carter,et al.  New Hash Functions and Their Use in Authentication and Set Equality , 1981, J. Comput. Syst. Sci..

[24]  Rafail Ostrovsky,et al.  Perfect Zero-Knowledge Arguments for NP Using Any One-Way Permutation , 1998, Journal of Cryptology.

[25]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[26]  Marc Girault,et al.  A Generalized Birthday Attack , 1988, EUROCRYPT.

[27]  Moni Naor,et al.  White-Box vs. Black-Box Complexity of Search Problems: Ramsey and Graph Property Testing , 2017, 2017 IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS).

[28]  Leonid A. Levin,et al.  Pseudo-random Generation from one-way functions (Extended Abstracts) , 1989, STOC 1989.

[29]  John P. Steinberger,et al.  Domain Extension for MACs Beyond the Birthday Barrier , 2011, EUROCRYPT.

[30]  Jacques Stern,et al.  On the Length of Cryptographic Hash-Values Used in Identification Schemes , 1994, CRYPTO.

[31]  Leonid Reyzin,et al.  Finding Collisions on a Public Road, or Do Secure Hash Functions Need Secret Coins? , 2004, CRYPTO.

[32]  Venkatesan Guruswami,et al.  Linear-Time List Decoding in Error-Free Settings: (Extended Abstract) , 2004, ICALP.

[33]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[34]  Omer Reingold,et al.  Statistically Hiding Commitments and Statistical Zero-Knowledge Arguments from Any One-Way Function , 2009, SIAM J. Comput..

[35]  Daniel R. Simon,et al.  Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? , 1998, EUROCRYPT.

[36]  Ivan Damgård,et al.  Statistical Secrecy and Multibit Commitments , 1998, IEEE Trans. Inf. Theory.

[37]  Eran Omri,et al.  Parallel Hashing via List Recoverability , 2015, CRYPTO.

[38]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[39]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.

[40]  Brett Hemenway,et al.  Local List Recovery of High-Rate Tensor Codes & Applications , 2017, 2017 IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS).

[41]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[42]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[43]  Atri Rudra,et al.  Efficiently Decodable Compressed Sensing by List-Recoverable Codes and Recursion , 2012, STACS.

[44]  Ralph C. Merkle,et al.  A Certified Digital Signature , 1989, CRYPTO.

[45]  Christos H. Papadimitriou,et al.  On Total Functions, Existence Theorems and Computational Complexity , 1991, Theor. Comput. Sci..

[46]  Ron Rothblum,et al.  Multi Collision Resistant Hash Functions and their Applications , 2018, Electron. Colloquium Comput. Complex..

[47]  Brett Hemenway,et al.  Linear-Time List Recovery of High-Rate Expander Codes , 2015, ICALP.

[48]  Joe Kilian,et al.  A note on efficient zero-knowledge proofs and arguments (extended abstract) , 1992, STOC '92.

[49]  Noga Alon,et al.  Simple construction of almost k-wise independent random variables , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[50]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.

[51]  Mihir Bellare,et al.  Collision-Resistant Hashing: Towards Making UOWHFs Practical , 1997, CRYPTO.

[52]  Marc Stevens,et al.  The First Collision for Full SHA-1 , 2017, CRYPTO.

[53]  Noga Alon,et al.  Simple Construction of Almost k-wise Independent Random Variables , 1992, Random Struct. Algorithms.

[54]  Mihalis Yannakakis,et al.  How easy is local search? , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[55]  Noga Alon,et al.  The Probabilistic Method , 2015, Fundamentals of Ramsey Theory.

[56]  Hoeteck Wee,et al.  One-Way Permutations, Interactive Hashing and Statistically Hiding Commitments , 2007, TCC.

[57]  Yu Sasaki,et al.  Quantum Multicollision-Finding Algorithm , 2017, ASIACRYPT.

[58]  Jonathan Katz,et al.  Reducing Complexity Assumptions for Statistically-Hiding Commitment , 2009, Journal of Cryptology.

[59]  Venkatesan Guruswami,et al.  Near-optimal linear-time codes for unique decoding and new list-decodable codes over smaller alphabets , 2002, STOC '02.

[60]  Russell Impagliazzo,et al.  One-way functions are essential for complexity based cryptography , 1989, 30th Annual Symposium on Foundations of Computer Science.