FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W1568803738> ?p ?o ?g. }

• W1568803738 abstract "We consider several secure hash functions that compute simple sums in a well chosen group (G,*). Security properties of such functions provably translate in a natural way to computational problems in G that are simple to define and possibly also hard to solve. Given k disjoint lists Li of group elements, the k-sum problem asks for gi ∊ Li such that g1 * g2 *...* gk = 1G. Hardness of the problem in the respective groups follows from some assumptions used in public-key cryptology such as hardness of integer factoring, discrete logarithms, lattice reduction and syndrome decoding. We point out evidence that the k-sum problem may even be harder than the above problems. Two hash functions based on the group k-sum problem, SWIFFTX and FSB, were submitted to NIST as candidates for the future SHA-3 standard. Both submissions were supported by some sort of a security proof. We show that the assessment of security levels provided in the proposals is not related to the proofs included. The main claims on security are supported exclusively by considerations about available attacks. By introducing second-order bounds on bounds on security, we expose the limits of such an approach to provable security. A problem with the way security is quantified does not necessarily mean a problem with security itself. Although FSB does have a history of failures, recent versions of the two above functions have resisted cryptanalytic efforts well. This evidence, as well as the several connections to more standard problems, suggests that the k-sum problem in some groups may be considered hard on its own, and possibly lead to provable bounds on security. Complexity of the non-trivial tree algorithm is becoming a standard tool for measuring the associated hardness. We propose modifications to the multiplicative Very Smooth Hash and derive security from multiplicative k-sums in contrast to the original reductions that related to factoring or discrete logarithms. Although the original reductions remain valid, we measure security in a new, more aggressive way. This allows us to relax the parameters and hash faster. We obtain a function that is only three times slower compared to SHA-256 and is estimated to offer at least equivalent collision resistance. The speed can be doubled by the use of a special modulus, such a modified function is supported exclusively by the hardness of multiplicative k-sums modulo a power of two. Our efforts culminate in a new multiplicative k-sum function in finite fields that further generalizes the design of Very Smooth Hash. In contrast to the previous variants, the memory requirements of the new function are negligible. The fastest instance of the function expected to offer 128-bit collision resistance runs at 24 cycles per byte on an Intel Core i7 processor and approaches the 17.4 figure of SHA-256. The new functions proposed in this thesis do not provably achieve a usual security property such as preimage or collision resistance from a well-established assumption. They do however enjoy unconditional provable separation of inputs that collide. Changes in input that are small with respect to a well defined measure never lead to identical output in the compression function." @default.
• W1568803738 created "2016-06-24" @default.
• W1568803738 creator A5026393632 @default.
• W1568803738 date "2011-01-01" @default.
• W1568803738 modified "2023-09-23" @default.
• W1568803738 title "Cryptographic Hash Functions in Groups and Provable Properties" @default.
• W1568803738 cites W1484626591 @default.
• W1568803738 cites W1486819428 @default.
• W1568803738 cites W1489530068 @default.
• W1568803738 cites W149470655 @default.
• W1568803738 cites W1495150777 @default.
• W1568803738 cites W1495653136 @default.
• W1568803738 cites W1495724987 @default.
• W1568803738 cites W1507575253 @default.
• W1568803738 cites W1509894284 @default.
• W1568803738 cites W1511462257 @default.
• W1568803738 cites W1512498994 @default.
• W1568803738 cites W1513904472 @default.
• W1568803738 cites W1525538795 @default.
• W1568803738 cites W1526708853 @default.
• W1568803738 cites W1526778951 @default.
• W1568803738 cites W1533007301 @default.
• W1568803738 cites W1534643746 @default.
• W1568803738 cites W1535549599 @default.
• W1568803738 cites W1536493828 @default.
• W1568803738 cites W1536929968 @default.
• W1568803738 cites W1544857718 @default.
• W1568803738 cites W1545589079 @default.
• W1568803738 cites W1548701190 @default.
• W1568803738 cites W1549228503 @default.
• W1568803738 cites W1557689908 @default.
• W1568803738 cites W1563037599 @default.
• W1568803738 cites W1565415113 @default.
• W1568803738 cites W1567888865 @default.
• W1568803738 cites W1603505516 @default.
• W1568803738 cites W1607206152 @default.
• W1568803738 cites W1626445927 @default.
• W1568803738 cites W1653866131 @default.
• W1568803738 cites W1656731780 @default.
• W1568803738 cites W1660562555 @default.
• W1568803738 cites W1669794847 @default.
• W1568803738 cites W1766548092 @default.
• W1568803738 cites W1814391573 @default.
• W1568803738 cites W1830462317 @default.
• W1568803738 cites W1856875316 @default.
• W1568803738 cites W1863270349 @default.
• W1568803738 cites W1875575243 @default.
• W1568803738 cites W1886344012 @default.
• W1568803738 cites W1897146492 @default.
• W1568803738 cites W1968182591 @default.
• W1568803738 cites W1977853230 @default.
• W1568803738 cites W1981455414 @default.
• W1568803738 cites W1984484752 @default.
• W1568803738 cites W1989510734 @default.
• W1568803738 cites W1996360405 @default.
• W1568803738 cites W2000932900 @default.
• W1568803738 cites W2004814164 @default.
• W1568803738 cites W2005317356 @default.
• W1568803738 cites W2008272678 @default.
• W1568803738 cites W2009888012 @default.
• W1568803738 cites W2011039300 @default.
• W1568803738 cites W2019816098 @default.
• W1568803738 cites W2028838608 @default.
• W1568803738 cites W2035929826 @default.
• W1568803738 cites W2052267638 @default.
• W1568803738 cites W2077244027 @default.
• W1568803738 cites W2099250555 @default.
• W1568803738 cites W2103239853 @default.
• W1568803738 cites W2106287110 @default.
• W1568803738 cites W2108412489 @default.
• W1568803738 cites W2108834246 @default.
• W1568803738 cites W2122923509 @default.
• W1568803738 cites W2126483728 @default.
• W1568803738 cites W2127064687 @default.
• W1568803738 cites W2134403686 @default.
• W1568803738 cites W2142048307 @default.
• W1568803738 cites W2145570103 @default.
• W1568803738 cites W2150780437 @default.
• W1568803738 cites W2156186849 @default.
• W1568803738 cites W2159047178 @default.
• W1568803738 cites W2159641801 @default.
• W1568803738 cites W2164988972 @default.
• W1568803738 cites W2166957790 @default.
• W1568803738 cites W2169649500 @default.
• W1568803738 cites W2179025976 @default.
• W1568803738 cites W2180929963 @default.
• W1568803738 cites W2311900220 @default.
• W1568803738 cites W2400908863 @default.
• W1568803738 cites W2401610261 @default.
• W1568803738 cites W24281520 @default.
• W1568803738 cites W2612691132 @default.
• W1568803738 cites W2955609830 @default.
• W1568803738 cites W2986959318 @default.
• W1568803738 cites W3021521448 @default.
• W1568803738 cites W3128981953 @default.
• W1568803738 cites W3145042860 @default.
• W1568803738 cites W3172550433 @default.
• W1568803738 cites W3217775779 @default.
• W1568803738 cites W572171498 @default.
• W1568803738 cites W91031763 @default.

• next