Abstract
Cryptographic hash functions are an important tool of cryptography and play a fundamental role in efficient and secure information processing. A hash function maps an input message of arbitrary finite length to a fixed-length output referred to as the hash value. As a security requirement, a hash value should not be the image of two distinct input messages, and it should be difficult to find an input message for a given hash value. Secure hash functions provide data integrity, non-repudiation and authenticity of the source in conjunction with digital signature schemes. Keyed hash functions, also called message authentication codes (MACs), provide data integrity and data origin authentication in the secret-key setting. The building blocks of hash functions can be designed using block ciphers, modular arithmetic, or from scratch. The design principles of the popular Merkle–Damgård construction are followed in almost all widely used standard hash functions, such as MD5 and SHA-1.
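As an added illustration of the two ideas the abstract names (a compression function built from a block cipher, and the Merkle–Damgård iteration with length-strengthening padding), the following Python is written for this page and is not code from the chapter. The block cipher, its key schedule, the round constants and the initial value are a constructed 64-bit toy, not a real primitive; the padding rule, however, is the one SHA-1 and SHA-256 use when the block size is 64 bytes.

```python
import struct

BLOCK = 8            # bytes per message block; also the toy cipher's block and key size
LENGTH_FIELD = 8     # bytes used to encode the message bit length in the padding
ROUNDS = 16
MASK32 = 0xFFFFFFFF


def _round_keys(key: bytes) -> list:
    """Derive per-round subkeys from the 8-byte key (constructed schedule, not a real one)."""
    k0, k1 = struct.unpack(">II", key)
    return [((k0 + (r + 1) * k1 + 0x9E3779B9 * r) & MASK32) if r % 2 == 0
            else ((k1 ^ ((k0 + r) * 0x85EBCA6B)) & MASK32) for r in range(ROUNDS)]


def _f(x: int, rk: int) -> int:
    """Toy Feistel round function: add, rotate, xor-shift. Not cryptographically strong."""
    x = (x + rk) & MASK32
    x = ((x << 7) | (x >> 25)) & MASK32
    return (x ^ (x >> 3) ^ rk) & MASK32


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Encrypt one 8-byte block with a 16-round Feistel network (toy cipher, constructed here)."""
    left, right = struct.unpack(">II", block)
    for rk in _round_keys(key):
        left, right = right, left ^ _f(right, rk)
    return struct.pack(">II", left, right)


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of toy_block_encrypt: a block cipher is a keyed permutation, so it is invertible."""
    left, right = struct.unpack(">II", block)
    for rk in reversed(_round_keys(key)):
        left, right = right ^ _f(left, rk), left
    return struct.pack(">II", left, right)


def davies_meyer(h: bytes, m: bytes) -> bytes:
    """Compression function f(h, m) = E_m(h) XOR h: the message block keys the cipher and
    the XOR feed-forward removes the cipher's invertibility from the compression function."""
    return bytes(a ^ b for a, b in zip(toy_block_encrypt(m, h), h))


def md_pad(msg: bytes, block_size: int = BLOCK, length_bytes: int = LENGTH_FIELD) -> bytes:
    """Merkle-Damgard strengthening: append 0x80, zero-fill, then the big-endian bit length,
    so the padded message is a whole number of blocks. With block_size=64 and length_bytes=8
    this is exactly the padding rule of SHA-1 and SHA-256."""
    bit_len = len(msg) * 8
    padded = msg + b"\x80"
    padded += b"\x00" * ((-len(padded) - length_bytes) % block_size)
    return padded + bit_len.to_bytes(length_bytes, "big")


IV = bytes.fromhex("0123456789abcdef")   # constructed fixed initial chaining value


def md_hash(msg: bytes, iv: bytes = IV) -> bytes:
    """Iterate the compression function over the padded message; the output is always BLOCK bytes
    regardless of the input length."""
    h = iv
    padded = md_pad(msg)
    for i in range(0, len(padded), BLOCK):
        h = davies_meyer(h, padded[i:i + BLOCK])
    return h


def recover_state_without_feedforward(m: bytes, out: bytes) -> bytes:
    """Why the feed-forward matters: if the compression function were just E_m(h), anyone who
    knows the block m could decrypt the output and recover the previous chaining value."""
    return toy_block_decrypt(m, out)


if __name__ == "__main__":
    for msg in (b"", b"abc", b"x" * 1000):
        print(len(msg), md_hash(msg).hex())
```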
© 2010 Springer-Verlag Berlin Heidelberg
Gauravaram, P., Knudsen, L. (2010). Cryptographic Hash Functions. In: Stavroulakis, P., Stamp, M. (eds) Handbook of Information and Communication Security. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04117-4_4
DOI: https://doi.org/10.1007/978-3-642-04117-4_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04116-7
Online ISBN: 978-3-642-04117-4