This preview shows page 1. Sign up to view the full content.
Unformatted text preview: boratory, although a description was recently published in [1335]. A group of researchers at the University of Waterloo have proposed a oneway hash function based on iterated exponentiation in GF(2593) [22]. In this scheme, a message is divided into 593bit blocks; beginning with the first block, the blocks are successively exponentiated. Each exponent is the result of the computation with the previous block; the first exponent is given by an IV. Ivan Damgård designed a oneway hash function based on the knapsack problem (see Section 19.2) [414]; it can be broken in about 232 operations [290, 1232, 787]. Steve Wolfram’s cellular automata [1608] have been proposed as a basis for oneway hash functions. An early implementation [414] is insecure [1052, 404]. Another oneway hash function, Cellhash [384,404], and an improved version, Subhash [384,402, 405], are based on cellular automata; both are designed for hardware. Boognish mixes the design principles of Cellhash with those of MD4 [402, 407]. StepRightUp can be implemented as a hash function as well [402]. Claus Schnorr proposed a oneway hash function based on the discrete Fourier transform, called FFTHash, in the summer of 1991 [1399]; it was broken a few months later by two independent groups [403, 84]. Schnorr proposed a revised version, called FFTHash II (the previous version was renamed FFTHash I) [1400], which was broken a few weeks later [1567]. Schnorr has proposed further modifications [1402, 1403] but, as it stands, the algorithm is much slower than the others in this chapter. Another hash function, called SL2 [1526], is insecure [315]. Additional theoretical work on constructing oneway hash functions from oneway functions and oneway permutations can be found in [412, 1138, 1342]. 18.11 OneWay Hash Functions Using Symmetric Block Algorithms
It is possible to use a symmetric block cipher algorithm as a oneway hash function. The idea is that if the block algorithm is secure, then the oneway hash function will also be secure. The most obvious method is to encrypt the message with...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details