Cryptographic Hash Functions

Abstract

Cryptographic hash functions are an important tool of cryptography and play a fundamental role in efficient and secure information processing. A hash function maps an input message of arbitrary finite length to a fixed-length output referred to as the hash value. As a security requirement, a hash value should not serve as an image for two distinct input messages, and it should be difficult to find the input message from a given hash value. Secure hash functions serve data integrity, non-repudiation and authenticity of the source in conjunction with digital signature schemes. Keyed hash functions, also called message authentication codes (MACs), serve data integrity and data origin authentication in the secret-key setting. The building blocks of hash functions can be designed using block ciphers, modular arithmetic or from scratch. The design principles of the popular Merkle–Damgård construction are followed in almost all widely used standard hash functions such as MD5 and SHA-1.


Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Gauravaram, P., Knudsen, L. (2010). Cryptographic Hash Functions. In: Stavroulakis, P., Stamp, M. (eds) Handbook of Information and Communication Security. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04117-4_4

  • DOI: https://doi.org/10.1007/978-3-642-04117-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04116-7

  • Online ISBN: 978-3-642-04117-4

  • eBook Packages: Engineering, Engineering (R0)
