Discrete Logarithm Variants of VSH

Recent attacks on standardised hash functions such as SHA1 have reawakened interest in design strategies based on techniques common in provable security. In presenting the VSH hash function, a design based on RSA-like modular exponentiation, the authors introduce VSH-DL, a design based on exponentiation in DLP-based groups. In this article we explore a variant of VSH-DL that is based on cyclotomic subgroups of finite fields; we show that one can trade-off performance against bandwidth by using known techniques in such groups. Further, we investigate a variant of VSH-DL based on elliptic curves and extract a tighter reduction to the underlying DLP in comparison to the original VSH-DL proposal.

[1]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.

[2]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[3]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[4]  Daniel R. L. Brown Multi-Dimensional Montgomery Ladders for Elliptic Curves , 2006, IACR Cryptol. ePrint Arch..

[5]  David Chaum,et al.  Advances in Cryptology — EUROCRYPT’ 87 , 2000, Lecture Notes in Computer Science.

[6]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[7]  Jeffrey Shallit,et al.  Algorithmic Number Theory , 1996, Lecture Notes in Computer Science.

[8]  Arjen K. Lenstra,et al.  Efficient Subgroup Exponentiation in Quadratic and Sixth Degree Extensions , 2002, CHES.

[9]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[10]  Xiaoyun Wang,et al.  Efficient Collision Search Attacks on SHA-0 , 2005, CRYPTO.

[11]  Serge Vaudenay,et al.  Advances in Cryptology - EUROCRYPT 2006 , 2006, Lecture Notes in Computer Science.

[12]  Martijn Stam,et al.  A Comparison of CEILIDH and XTR , 2004, ANTS.

[13]  Mihir Bellare,et al.  Incremental Cryptography: The Case of Hashing and Signing , 1994, CRYPTO.

[14]  Alfred Menezes,et al.  Software Implementation of the NIST Elliptic Curves Over Prime Fields , 2001, CT-RSA.

[15]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[16]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[17]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[18]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[19]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[20]  Robert Granger,et al.  On small degree extension fields in cryptology , 2005 .

[21]  Ron Steinfeld,et al.  VSH, an Efficient and Provable Collision Resistant Hash Function , 2006, IACR Cryptol. ePrint Arch..

[22]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[23]  Arjen K. Lenstra,et al.  The XTR Public Key System , 2000, CRYPTO.

[24]  Ivan Damgård,et al.  Collision Free Hash Functions and Public Key Signature Schemes , 1987, EUROCRYPT.

[25]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[26]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[27]  Markku-Juhani O. Saarinen Security of VSH in the Real World , 2006, INDOCRYPT.

[28]  Alice Silverberg,et al.  Torus-Based Cryptography , 2003, CRYPTO.

[29]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[30]  Mihir Bellare,et al.  A New Paradigm for Collision-Free Hashing: Incrementality at Reduced Cost , 1997, EUROCRYPT.

[31]  Ralph C. Merkle,et al.  A fast software one-way hash function , 1990, Journal of Cryptology.

[32]  Arjen K. Lenstra,et al.  Using Cyclotomic Polynomials to Construct Efficient Discrete Logarithm Cryptosystems Over Finite Fields , 1997, ACISP.