CRUSH: A New Cryptographic Hash Function using Iterated Halving Technique

Most of the currently accepted designs for cryptographic hash functions are in the style of a block cipher in feed-forward mode. With increasing interest in all forms of cryptanalysis, this limited choice might become a single point of failure in computer security, and so we seek alternative paradigms. In this paper, an entirely new approach, based on iterated halving (IH), is proposed for the design of secure and efficient hash functions. This class of algorithms may be instantiated with any reduced-round block cipher, allowing a subtle security/performance tradeoff and a direct performance comparison with the existing approach. We present details of a new hash function, “CRUSH”, from the IH class.
