...
  • 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>International Journal of Information Security >Sufficient conditions for sound tree and sequential hashing modes
【24h】

Sufficient conditions for sound tree and sequential hashing modes

机译:音树和顺序哈希模式的充分条件

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Hash functions are usually composed of a mode of operation on top of a concrete primitive with fixed inputlength and fixed output-length, such as a block cipher or a permutation. In practice, the mode is often sequential, although parallel (or tree) hashing modes are also possible. The former requires less memory, while the latter has several advantages such as its inherent parallelism and a lower cost of hash value recomputation when only a small part of the input changes. In this paper, we consider the general case of (tree or sequential) hashing modes that make use of an underlying hash function, which may in turn be sequential. We formulate a set of three simple conditions for such a (tree or sequential) hashing mode to be sound.By sound, we mean that the advantage in differentiating a hash function obtained by applying a tree hashing mode to an ideal underlying hash function from an ideal monolithic hash function is upper bounded by q~2/2~(n+1) with q the number of queries to the underlying hash function and n the length of the chaining values. We provide a proof of soundness in the indifferentiability framework. The conditions we formulate are easy to implement and to verify and can be used by the practitioner to build a tree hashing mode on top of an existing hash function. We show how to apply tree hashing modes to sequential hash functions in an optimal way, demonstrate the applicability of our conditions with two efficient and simple tree hashing modes and provide a simple method to take the union of tree hashing modes that preserves soundness. It turns out that sequential hashing modes using a compression function (i.e., a hash function with fixed input-length) can be considered as particular cases and, as a by-product, our results also apply to them. We discuss the different techniques for satisfying the three conditions, thereby shedding a new light on several published modes.
机译:哈希函数通常由具有固定输入长度和固定输出长度的具体图元之上的操作模式组成,例如分组密码或置换。实际上,该模式通常是顺序的,尽管并行(或树)哈希模式也是可能的。前者需要较少的内存,而后者则具有多个优点,例如,其固有的并行性和仅当输入的一小部分发生更改时哈希值重新计算的成本较低。在本文中,我们考虑了使用基础哈希函数的(树或顺序)哈希模式的一般情况,而哈希函数又可能是顺序的。我们为这样的(树或顺序的)哈希模式制定了一套三个简单的条件,即声音,这意味着将通过将树哈希模式应用于理想的基础哈希函数而获得的哈希函数与理想的单片哈希函数的上限是q〜2/2〜(n + 1),q是对基础哈希函数的查询数,n是链接值的长度。我们在不可微性框架中提供了可靠的证明。我们公式化的条件易于实现和验证,并且可以由从业人员用来在现有哈希函数之上构建树形哈希模式。我们展示了如何以最佳方式将树形哈希模式应用于顺序哈希函数,并通过两种有效且简单的树形哈希模式演示了我们条件的适用性,并提供了一种简单的方法来结合树形哈希模式以保持稳健性。事实证明,可以将使用压缩函数(即输入长度固定的哈希函数)的顺序哈希模式视为特殊情况,并且作为副产品,我们的结果也适用于它们。我们讨论了满足这三个条件的不同技术,从而使人们对几种公开模式有了新的认识。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号