CT-RSA 2010: Topics in Cryptology - CT-RSA 2010 pp 382-396

# On Fast Verification of Hash Chains

• Dae Hyun Yum
• Jin Seok Kim
• Pil Joong Lee
• Sung Je Hong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5985)

## Abstract

A hash chain $H$ for a hash function $\mathsf{hash}(\cdot)$ is a sequence of hash values $\langle x_n, x_{n-1}, \ldots, x_0 \rangle$, where $x_0$ is a secret value, $x_i$ is generated by $x_i = \mathsf{hash}(x_{i-1})$ for $1 \le i \le n$, and $x_n$ is a public value. Hash values of $H$ are disclosed gradually from $x_{n-1}$ to $x_0$. The correctness of a disclosed hash value $x_i$ can be verified by checking the equation $x_n \stackrel{?}{=} \mathsf{hash}^{n-i}(x_i)$. To speed up the verification, Fischlin introduced a check-bit scheme at CT-RSA 2004. The basic idea of the check-bit scheme is to output some extra information $cb$, called a check-bit vector, in addition to the public value $x_n$, which allows each verifier to perform only a fraction of the original work according to his or her own security level. We revisit Fischlin's check-bit scheme and show that the length of the check-bit vector $cb$ can be reduced by nearly half. The reduced length of $cb$ is close to the theoretical lower bound.
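The baseline verification that the check-bit scheme aims to speed up, as an added example that is not code from the paper: it builds a chain, checks a disclosed $x_i$ against the public $x_n$, and reports the $n-i$ hash calls the check costs. SHA-256, the function names and the sample secret are assumptions made here, and the check-bit vector itself is not implemented because the abstract does not specify its construction.

```python
import hashlib
import hmac


def h(x: bytes) -> bytes:
    """Hash function for the chain (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(x).digest()


def make_chain(x0: bytes, n: int) -> list[bytes]:
    """Return [x_0, x_1, ..., x_n] with x_i = hash(x_{i-1}); x_n is the public value."""
    chain = [x0]
    for _ in range(n):
        chain.append(h(chain[-1]))
    return chain


def verify(x_n: bytes, n: int, i: int, x_i: bytes) -> tuple[bool, int]:
    """Check x_n == hash^{n-i}(x_i). Returns (accepted, hash calls spent)."""
    # Only x_{n-1} down to x_0 are ever disclosed, so i must lie in [0, n-1].
    if not 0 <= i < n:
        return (False, 0)
    v = x_i
    for _ in range(n - i):
        v = h(v)
    # Constant-time comparison of the recomputed end point with the public value.
    return (hmac.compare_digest(v, x_n), n - i)


if __name__ == "__main__":
    n = 1000
    # Constructed sample secret; a real x_0 would come from a CSPRNG (e.g. os.urandom).
    x0 = hashlib.sha256(b"constructed demo secret").digest()
    chain = make_chain(x0, n)
    x_n = chain[n]

    # Values are disclosed from x_{n-1} towards x_0; a stateless verifier pays
    # more per check the further the disclosure has progressed.
    for i in (n - 1, n // 2, 0):
        ok, cost = verify(x_n, n, i, chain[i])
        print(f"i={i:4d} accepted={ok} hash_calls={cost}")

    # A forged value is rejected, but only after the full n-i hash calls.
    print(verify(x_n, n, n // 2, b"\x01" * 32))
```
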

## Keywords

Hash chain; progressive verification; check-bit scheme

## References

1. Anderson, R.J., Manifavas, C., Sutherland, C.: Netcard - a practical electronic-cash system. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 49–57. Springer, Heidelberg (1997)
2. Rivest, R.L., Shamir, A.: Payword and micromint: Two simple micropayment schemes. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 69–87. Springer, Heidelberg (1997)
3. Haller, N.: The s/key one-time password system. RFC 1760, Internet Engineering Task Force (1995)
4. Perrig, A., Canetti, R., Song, D.X., Tygar, J.D.: Efficient and secure source authentication for multicast. In: NDSS 2001, The Internet Society (2001)
5. Perrig, A., Canetti, R., Tygar, J.D., Song, D.X.: Efficient authentication and signing of multicast streams over lossy channels. In: IEEE Symposium on Security and Privacy, pp. 56–73. IEEE Computer Society, Los Alamitos (2000)
6. Hu, Y.C., Perrig, A., Johnson, D.B.: Ariadne: A secure on-demand routing protocol for ad hoc networks. Wireless Networks 11(1-2), 21–38 (2005)
7. Stubblebine, S.G., Syverson, P.F.: Fair on-line auctions without special trusted parties. In: Franklin, M.K. (ed.) FC 1999. LNCS, vol. 1648, pp. 230–240. Springer, Heidelberg (1999)
8. Coppersmith, D., Jakobsson, M.: Almost optimal hash sequence traversal. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 102–119. Springer, Heidelberg (2003)
9. Jakobsson, M.: Fractal hash sequence representation and traversal. In: IEEE International Symposium on Information Theory, pp. 437–444. IEEE, Los Alamitos (2002)
10. Kim, S.R.: Improved scalable hash chain traversal. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 86–95. Springer, Heidelberg (2003)
11. Sella, Y.: On the computation-storage trade-offs of hash chain traversal. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 270–285. Springer, Heidelberg (2003)
12. Yum, D.H., Seo, J.W., Eom, S., Lee, P.J.: Single-layer fractal hash chain traversal with almost optimal complexity. In: Fischlin, M. (ed.) Topics in Cryptology – CT-RSA 2009. LNCS, vol. 5473, pp. 325–339. Springer, Heidelberg (2009)
13. Fischlin, M.: Fast verification of hash chains. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 339–352. Springer, Heidelberg (2004)
14. Fischlin, M.: Progressive verification: The case of message authentication. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 416–429. Springer, Heidelberg (2003)
15. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)

© Springer-Verlag Berlin Heidelberg 2010

## Authors and Affiliations

• Dae Hyun Yum (1)
• Jin Seok Kim (2)
• Pil Joong Lee (1)
• Sung Je Hong (2)

1. Information Security Lab, POSTECH, Republic of Korea
2. High Performance Computing Lab, POSTECH, Republic of Korea