Ivan Damgard. Collision free hash functions and public key signature schemes. In EUROCRYPT, pages 203--216, 1987.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....(or hard) 4.2 Hash function To verify the integrity of message, hashing is generally used. Hash function has three potential properties for an unkeyed hash function h with input (x, x # ) and output (y, y # ) those are preimage resistance, 2nd preimage resistance, and collision resistance[9, 13]. preimage resistance for essentially all pre specified outputs, it is computationally infeasible to find any input which hashes to that output, i.e. to find any preimage x # such that h(x # ) y when given any y for which a corresponding input is not known. 2nd preimage resistance ....

I. Damgard, "Collision free hash functions and public key signature schemes", Advances in Cryptology-EUROCRYPT '87 (LNCS 304), 2032.

....MD5 [dBB93, Dob96] We also point out the complexity theoretic result of Simon [Sim98] that shows that there exists an oracle relative to which UOWHFs exist but CRHFs do not. CRHFs can be constructed based on the hardness of specific number theoretic problems, like the discrete logarithm problem [Dam87] Simon s result is strong evidence that CRHFs cannot be constructed based on an arbitrary one way permutation, whereas Naor and Yung [NY89] show that a UOWHF can be so constructed. As we shall see, ACE needs only a UOWHF. We construct such a UOWHF by using the composition theorem in [Sho00a] ....

I. Damgard. Collision free hash functions and public key signature schemes. In Advances in Cryptology--Eurocrypt '87, 1987.

....but this is quite inefficient. Another alternative is to assume that one already has a PRF of small or fixed size (e.g. a block cipher) and show how to extend its domain and range to get a fully functional PRF. For a simple example, if H : f0; 1g is a collision resistant hash function [Dam87] and F SK : f0; 1g R is our fixed sized PRF, then F SK H : f0; 1g R is also a PRF (many other constructions are possible too; see [BKR00, BCK96] and the references therein) Of course, we are still left with the question of constructing the needed small sized PRF. The last alternative ....

Ivan Damgard. Collision-free hash functions and public-key signature schemes. In David Chaum and Wyn L. Price, editors, Advances in Cryptology---EUROCRYPT 87, volume 304 of Lecture Notes in Computer Science. Springer-Verlag, 1988, 13--15 April 1987.

....theories. That implication will be discussed in detail in another paper. 2.1 Oracle Hardness Results The original motivation for the collision problem was to model (strongly) collision resistant hash functions in cryptography. There is a large literature on collision resistant hashing; see [10, 2] for example. When building secure digital signature schemes, it is useful to have a family of hash functions H , such that finding a distinct (x, y) pair with H i (x) H i (y) is computationally intractable. A quantum algorithm for finding collisions using O (polylog (n) queries would ....

I. B. Damgard. Collision free hash functions and public key signature schemes. Proceedings of Eurocrypt'87, Volume 304 of Lecture Notes in Computer Science (Springer-Verlag), 1988.

....bsf on the Pentium, for example) This basically means that all nontrivial instructions of Algorithm 1 (namely, w h , ntz and . can be seen as primitive in modern microprocessors. We let to denote the concatenation of binary strings and . We use a collision resistant hash function H [Dam87]. We assume implicitly that the left argument of H is evaluated (that is, popped from the stack) earlier than the right argument of H . 3.2 Variables Algorithm 1 uses a stack that has maximum size w, and is initially empty. The top element of the stack can be removed by using function pop( and ....

Ivan Bjerre Damgard. Collision free hash functions and public key signature schemes. In David Chaum and Wyn L. Price, editors, Advances in Cryptology --- EUROCRYPT '87, volume 304 of Lecture Notes in Computer Science, pages 203--216, Amsterdam, The Netherlands, 13--15 April 1987. Springer-Verlag, 1988.

....hash function, then the proposed signature scheme would be secure as described in Section 3.3. Since such a random function does not exist in the real world, in implementation, we are recommended SHA 1 by [NIST95] which is designed so that the algorithm can be a collision intractable hash function [Dam88]. 3.3 Security Analysis In this paper, we say that a signature scheme is secure, if no polynomial time adversary A can existentially forge a signature under the adaptive chosen mes sage attack. In this section, we show that Scheme I is secure, by using the forking lemma in [PS00] and showing ....

I. Damgard: "Collision free hash functions and public key signature schemes", Advances in cryptology - Eurocrypt'87, Lecture Notes in Computer Science 304, Springer-Verlag, pp.203-216, 1988.

....R(D) Cryptographic tools: Since the requirement is that the scheme produce short signatures on long documents, it is quite clear that some sort of one way hashing should be used. These come in (at least) two flavors: universal one way hash functions [25] and collision intractable functions [10]. A family H of universal one way hash functions has the following property: Fix a string S. Let h be chosen at random from the family H of universal one way hash functions. Then it is computationally infeasible to find a string S 0 such that h(S) h(S 0 ) This is weaker than ....

I. B. Damgard, Collision Free Hash Functions and Public Key Signature Schemes , Advances in Cryptology - Eurocrypt`87, Lecture Notes in Computer Science vol. 304, Springer Verlag, 1988, pp. 203--216.

.... arguments for NP was under specific algebraic assumptions [6, 4, 24, 7, 3, 23] or under the assumption that collision intractable hash functions exists (first shown in [31] see [11] for more information) which in turn is only known to be constructed under specific algebraic assumptions [5, 8, 9]. Our result gives the first general reduction: zero knowledge NP arguments can be constructed given any one way permutation, by first constructing an information theoretically secure bit commitment. 1.2 Organization of the paper In section 2, we give the model, the formal definitions of the ....

I. Damgard, Collision Free Hash Functions and Public Key Signatures Schemes, Advances in Cryptology - Eurocrypt '87, Lecture Notes in Computer Science 293, Springer-Verlag, 1988, pp. 203--216.

....so that it would be hard to find collisions was recognized since the earlier days of modern cryptography: Diffie and Hellman [6] mention such functions and Rabin [28] lists required properties of such functions. Other examples of work involving such functions are Merkle s [24, 25, 23] and Damgard [5]. One usage of such functions was in conjunction with digital signatures: instead of signing a long message, apply the hash function and sign the result. The property that all previous researcher looked for was that given the description of the hash function h it should be hard to find x 6= y ....

I. B. Damgard, Collision Free Hash Functions and Public Key Signature Schemes , Eurocrypt, 1987.

....rather than showing that the underlying assumption of the scheme is broken, it will be shown that a collision for the collision resistant hash function used for hashing is found. The hash function must be based on a computational assumption. Hash functions with this property, developed in [12, 24], require on average one modular multiplication for one bit of the message, and so drastically reduce the speed of signature generation and testing. The above points imply that signing a message of length # bits, 151 # 1882, requires on average # more modular multiplications compared to our ....

Damgard, I. B. (1988) Collision free hash functions and public key signature scheme. Advances in Cryptology--- Eurocrypt '87. Lecture Notes in Computer Science, 304, 203-- 216. Springer-Verlag, Berlin.

No context found.

Ivan Damgard. Collision free hash functions and public key signature schemes. In EUROCRYPT, pages 203--216, 1987.

No context found.

I. Damgard, Collision Free Hash Functions and Public Key Signature Schemes, EUROCRYPT 1987: 203-216.

No context found.

I. Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In D. Chaum and W. L. Price, editors, EUROCRYPT'87, Lecture Notes in Computer Science 304, pages 203--216, 1987.

No context found.

Ivan Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In David Chaum and Wyn L. Price, editors, Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT 1987.

No context found.

I. B. Damgard, Collision free hash functions and public key signature schemes, Eurocrypt '87, LNCS 304, Springer-Verlag, Berlin 1988, 203--216

No context found.

I. Damgard: "Collision free hash functions and public key signature schemes", Proceedings of EuroCrypt'87, 1987, pp.203-216.

No context found.

Ivan Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In David Chaum and Wyn L. Price, editors, Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT 1987.

No context found.

Ivan Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In David Chaum and Wyn L. Price, editors, Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT 1987.

No context found.

I.B. Damgard. Collision free hash functions and public key signature schemes. In D. Chaum and W.L. Price, editors, EUROCRYPT, volume 304 of Lecture Notes in Computer Science, pages 203--216, Berlin, 1988. Springer. 21

No context found.

I. Damgard: "Collision free hash functions and public key signature schemes", Proceedings of EUROCRYPT'87, 1987, pp.203-216.

No context found.

I. Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In EuroCrypt '87, Springer-Verlag, LNCS 304, pages 203--216.

No context found.

I. Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In EuroCrypt '87, Springer-Verlag, LNCS 304, pages 203--216.

No context found.

I. B. Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In Advances in Cryptology-CRYPTO '87, volume 304 of Lecture Notes in Computer Science, pages 203-216. Springer-Verlag, 1987.

No context found.

I. Damgard. Collision Free Hash Functions and Public Key Signature Schemes. In EuroCrypt '87, Springer-Verlag, LNCS 304, pages 203-216.

No context found.

I.B. Damgard. Collision free hash functions and public-key signature schemes. Eurocrypt '87, LNCS vol. 304, pp. 203--216, Springer-Verlag, 1987. 16

First 50 documents  Next 50

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC