Recent developments in cryptographic hash functions: Security implications and future directions

One of the most important classes of cryptographic algorithms in current use is the class of cryptographic hash functions. Hash functions are ubiquitous in today's IT systems and have a wide range of applications in security protocols and schemes, such as providing software integrity, digital signatures, message authentication and password protection. Among their many security requirements, cryptographic hash function algorithms need to feature a property known as collision resistance, that is, it must be infeasible to construct two distinct inputs with the same hash output. This article provides an overview of cryptographic hash functions and some of the recent developments affecting their security, namely the discovery of efficient methods for constructing collisions for algorithms such as MD5 and SHA-1. We also discuss the many implications of these recent attacks, and the possible directions for the development of the theory of hash functions.
