Corruption-Localizing Hashing

  • Giovanni Di Crescenzo
  • Shaoquan Jiang
  • Reihaneh Safavi-Naini
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Collision-intractable hashing is an important cryptographic primitive with numerous applications including efficient integrity checking for transmitted and stored data, and software. In several of these applications, it is important that in addition to detecting corruption of the data we also localize the corruptions. This motivates us to introduce and investigate the new notion of corruption-localizing hashing, defined as a natural extension of collision-intractable hashing. Our main contribution is in formally defining corruption-localizing hash schemes and designing two such schemes, one starting from any collision-intractable hash function, and the other starting from any collision-intractable keyed hash function. Both schemes have attractive efficiency properties in three important metrics: localization factor, tag length and localization running time, capturing the quality of localization, and performance in terms of storage and time complexity, respectively. The closest previous results, when modified to satisfy our formal definitions, only achieve similar properties in the case of a single corruption.


Hash Function Localization Factor Cyclic Shift Cryptographic Hash Function Hash Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)Google Scholar
  2. 2.
    Blaze, M.: A Cryptographic File System for UNIX. In: Proc. of 1993 ACM Conference on Computer and Communications and Security (1993)Google Scholar
  3. 3.
    Blum, M., Kannan, S.: Designing Programs That Check Their Work. In: Proc. of the 1989 ACM Symposium on Theory on Computing (1989)Google Scholar
  4. 4.
    Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the Correctness of Memories. In: Proc. of the 1995 IEEE Symposium on Foundations on Computer Science (1995)Google Scholar
  5. 5.
    Cattaneo, G., Catuogno, L., Del Sorbo, A., Persiano, G.: The Design and Implementation of a Cryptographic File System for UNIX. In: Proc. of 2001 USENIX Annual Technical Conference (2001)Google Scholar
  6. 6.
    Damgård, I.B.: Collision free hash functions and public key signature schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  7. 7.
    Di Crescenzo, G., Ghosh, A., Talpade, R.: Towards a Theory of Intrusion Detection. In: de Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 267–286. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Di Crescenzo, G., Vakil, F.: Cryptographic hashing for Virus Localization. In: Proc. of the 2006 ACM CCS Workshop on Rapid Malcode (2006)Google Scholar
  9. 9.
    Du, D., Hwang, F.: Combinatorial Group Testing and its Applications. World Scientific Publishing Company, Singapore (2000)zbMATHGoogle Scholar
  10. 10.
    Ghosh, A., Swaminatha, T.: Software security and privacy risks in mobile e-commerce. Communications of the ACM 44(2), 51–57 (2001)CrossRefGoogle Scholar
  11. 11.
    Goldreich, O., Goldwasser, S., Micali, S.: How to Construct Random Functions. Journal of the ACM 33(4) (1986)Google Scholar
  12. 12.
    Kim, G., Spafford, E.: The design and implementation of tripwire: a file system integrity checker. In: Proc. of 1994 ACM Conference on Computer and Communications Security (1994)Google Scholar
  13. 13.
    Merkle, R.: A Certified Digital Signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435. Springer, Heidelberg (1990)Google Scholar
  14. 14.
    NIST. Secure hash standard. Federal Information Processing Standard, FIPS-180-1 (April 1995)Google Scholar
  15. 15.
    NIST. Secure Hash Signature Standard (SHS) (FIPS PUB 180-2). United States of America, Federal Information Processing Standard (FIPS) 180-2, August 1 (2002)Google Scholar
  16. 16.
    NIST, Cryptographic Hash Algorithm Competition,
  17. 17.
    Oprea, A., Reiter, M., Yang, K.: Space-Efficient Block Storage Integrity. In: Proc. of 2005 Network and Distributed System Security Symposium (2005)Google Scholar
  18. 18.
    Rivest, R.: The MD5 Message-Digest Algorithm. Request for Comments (RFC 1320). Internet Activities Board, Internet Privacy Task Force (April 1992)Google Scholar
  19. 19.
    Russell, A.: Necessary and Sufficient Conditions for Collision-Free Hashing. Journal of Cryptology 8(2) (1995)Google Scholar
  20. 20.
    Skoudis, E.: MALWARE: Fighting Malicious Code. Prentice-Hall, Englewood Cliffs (2004)Google Scholar
  21. 21.
    Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley, Reading (2005)Google Scholar
  22. 22.
    Stalling, W., Brown, L.: Computer Security: Theory and Practice. Prentice-Hall, Englewood Cliffs (2007)Google Scholar
  23. 23.
    Sivathanu, G., Wright, C., Zadok, E.: Ensuring Data Integrity in Storage: Techniques and Applications. In: Proc. of the 2005 ACM International Workshop on Storage Security and Survivability (2005)Google Scholar
  24. 24.
    1st NIST Cryptographic Hash Functions Workshop,

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Giovanni Di Crescenzo
    • 1
  • Shaoquan Jiang
    • 2
  • Reihaneh Safavi-Naini
    • 3
  1. 1.Telcordia TechnologiesPiscatawayUSA
  2. 2.School of Computer ScienceUniversity of Electronic Science and Technology of ChinaChina
  3. 3.Department of Computer ScienceUniversity of CalgaryCanada

Personalised recommendations