|
HAIFA Construction
The HAIFA construction (''hash iterative framework'') is a cryptographic structure used in the design of Cryptographic hash function, hash functions. It is one of the modern alternatives to the Merkle–Damgård construction, avoiding its weaknesses like length extension attacks. The construction was designed by Eli Biham and Orr Dunkelman in 2007. Three of the 14 second round candidates in the NIST hash function competition were based on HAIFA constructions (BLAKE (hash function), BLAKE, SHAvite-3, ECHO). Other hash functions based on it are LAKE, Sarmal, SWIFFT, SWIFFTX and HNF-256. The construction of Skein (hash function), Skein (Unique Block Iteration) is similar to HAIFA.Jean-Philippe Aumasson, Willi Meier, Raphael Phan, Luca Henzen: ''The Hash Function BLAKE'', p. 35 Another alternative construction is the sponge construction. References Cryptographic hash functions Theory of cryptography {{Crypto-stub ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographic Hash Function
A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output result (hash value) for a random input string ("message") is 2^ (like for any good hash), so the hash value can be used as a representative of the message; * finding an input string that matches a given hash value (a ''pre-image'') is unfeasible, unless the value is selected from a known pre-calculated dictionary (" rainbow table"). The ''resistance'' to such search is quantified as security strength, a cryptographic hash with n bits of hash value is expected to have a ''preimage resistance'' strength of n bits. A ''second preimage'' resistance strength, with the same expectations, refers to a similar problem of finding a second message that matches the given hash value when one message is already known; * finding any pair of different messa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Merkle–Damgård Construction
In cryptography, the Merkle–Damgård construction or Merkle–Damgård hash function is a method of building collision-resistant cryptographic hash functions from collision-resistant one-way compression functions. Goldwasser, S. and Bellare, M.br>"Lecture Notes on Cryptography" Summer course on cryptography, MIT, 1996-2001 This construction was used in the design of many popular hash algorithms such as MD5, SHA-1 and SHA-2. The Merkle–Damgård construction was described in Ralph Merkle's Ph.D. thesis in 1979. Ralph Merkle and Ivan Damgård independently proved that the structure is sound: that is, if an appropriate padding scheme is used and the compression function is collision-resistant, then the hash function will also be collision-resistant. The Merkle–Damgård hash function first applies an MD-compliant padding function to create an input whose size is a multiple of a fixed number (e.g. 512 or 1024) — this is because compression functions cannot handle inputs of ar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Length Extension Attack
In cryptography and computer security, a length extension attack is a type of attack where an attacker can use Hash(''message1'') and the length of ''message1'' to calculate Hash(''message1'' ‖ ''message2'') for an attacker-controlled ''message2'', without needing to know the content of ''message1''. This is problematic when the hash is used as a message authentication code with construction Hash(''secret'' ‖ ''message''), and ''message'' and the length of ''secret'' is known, because an attacker can include extra information at the end of the message and produce a valid hash without knowing the secret. Algorithms like MD5, SHA-1 and most of SHA-2 that are based on the Merkle–Damgård construction are susceptible to this kind of attack. Truncated versions of SHA-2, including SHA-384 and SHA-512/256 are not susceptible, nor is the SHA-3 algorithm. HMAC also uses a different construction and so is not vulnerable to length extension attacks. Explanation The vulnerable h ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Eli Biham
Eli Biham ( he, אלי ביהם) is an Israeli cryptographer and cryptanalyst, currently a professor at the Technion - Israel Institute of Technology Computer Science department. Starting from October 2008 and till 2013, Biham was the dean of the Technion Computer Science department, after serving for two years as chief of CS graduate school. Biham received his Ph.D. for inventing (publicly) differential cryptanalysis, while working under Adi Shamir. It had, it turned out, been invented at least twice before. A team at IBM discovered it during their work on DES, and was requested/required to keep their discovery secret by the NSA, who evidently knew about it as well. Contributions to cryptanalysis Among his many contributions to cryptanalysis one can count: * differential cryptanalysis - publicly invented during his Ph.D. studies under Adi Shamir * Attacking all triple modes of operation. * impossible differential cryptanalysis - joint work with Adi Shamir and Alex Biryukov * ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Orr Dunkelman
__INDEX__ Orr Dunkelman ( he, אור דונקלמן) is an Israeli cryptographer and cryptanalyst, currently a professor at the University of Haifa Computer Science department. Dunkelman is a co-director of the Center for Cyber Law & Privacy at the University of Haifa and a co-founder of Privacy Israel, an Israeli NGO for promoting privacy in Israel. Biography Dunkelman received all his degrees at the Technion - Israel Institute of Technology. He received his Ph.D. degree at the age of 25, under the supervision of Eli Biham. Before joining the University of Haifa, Dunkelman held post-doctoral positions at KU Leuven, at École normale supérieure, and at the Weizmann Institute of Science. Contributions to cryptanalysis Among his contributions to cryptanalysis are: * Dissection attack – joint work with Itai Dinur, Nathan Keller, and Adi Shamir, recipient of the Best Paper Award at the Crypto 2012 conference. * Rectangle attack – joint work with Eli Biham and Nathan ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
NIST Hash Function Competition
The NIST hash function competition was an open competition held by the US National Institute of Standards and Technology (NIST) to develop a new hash function called SHA-3 to complement the older SHA-1 and SHA-2. The competition was formally announced in the ''Federal Register'' on November 2, 2007. "NIST is initiating an effort to develop one or more additional hash algorithms through a public competition, similar to the development process for the Advanced Encryption Standard (AES)." The competition ended on October 2, 2012 when NIST announced that Keccak would be the new SHA-3 hash algorithm. The winning hash function has been published as NIST FIPS 202 the "SHA-3 Standard", to complement FIPS 180-4, the ''Secure Hash Standard''. The NIST competition has inspired other competitions such as the Password Hashing Competition. Process Submissions were due October 31, 2008 and the list of candidates accepted for the first round was published on December 9, 2008. NIST held a conf ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
BLAKE (hash Function)
BLAKE is a cryptographic hash function based on Daniel J. Bernstein's ChaCha (cipher), ChaCha stream cipher, but a permuted copy of the input block, XORed with round constants, is added before each ChaCha round. Like SHA-2, there are two variants differing in the Word (computer architecture), word size. ChaCha operates on a 4×4 array of words. BLAKE repeatedly combines an 8-word hash value with 16 message words, truncating the ChaCha result to obtain the next hash value. BLAKE-256 and BLAKE-224 use 32-bit words and produce digest sizes of 256 bits and 224 bits, respectively, while BLAKE-512 and BLAKE-384 use 64-bit words and produce digest sizes of 512 bits and 384 bits, respectively. The #BLAKE2, BLAKE2 hash function, based on BLAKE, was announced in 2012. The #BLAKE3, BLAKE3 hash function, based on BLAKE2, was announced in 2020. History BLAKE was submitted to the NIST hash function competition by Jean-Philippe Aumasson, Luca Henzen, Willi Meier, and Raphael C.-W. Phan. In 2008 ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SWIFFT
In cryptography, SWIFFT is a collection of provably secure hash functions. It is based on the concept of the fast Fourier transform (FFT). SWIFFT is not the first hash function based on FFT, but it sets itself apart by providing a mathematical proof of its security. It also uses the LLL basis reduction algorithm. It can be shown that finding collisions in SWIFFT is at least as difficult as finding short vectors in cyclic/ ideal lattices in the ''worst case''. By giving a security reduction to the worst-case scenario of a difficult mathematical problem, SWIFFT gives a much stronger security guarantee than most other cryptographic hash functions. Unlike many other provably secure hash functions, the algorithm is quite fast, yielding a throughput of 40Mbit/s on a 3.2 GHz Intel Pentium 4. Although SWIFFT satisfies many desirable cryptographic and statistical properties, it was not designed to be an "all-purpose" cryptographic hash function. For example, it is not a pseudorandom ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Skein (hash Function)
Skein is a cryptographic hash function and one of five finalists in the NIST hash function competition. Entered as a candidate to become the SHA-3 standard, the successor of SHA-1 and SHA-2, it ultimately lost to NIST hash candidate Keccak. The name Skein refers to how the Skein function intertwines the input, similar to a skein of yarn. History Skein was created by Bruce Schneier, Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas and Jesse Walker. Skein is based on the Threefish tweakable block cipher compressed using Unique Block Iteration (UBI) chaining mode, a variant of the Matyas–Meyer–Oseas hash mode, while leveraging an optional low-overhead argument-system for flexibility. Skein's algorithm and a reference implementation was given to public domain. Functionality Skein supports internal state sizes of 256, 512 and 1024 bits, and arbitrary output sizes. The authors claim 6.1 cycles per byte for any output size on an Inte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unique Block Iteration
Unique primarily refers to: *Uniqueness, a state or condition wherein something is unlike anything else *In mathematics and logic, a unique object is the only object with a certain property, see Uniqueness quantification Unique may also refer to: Companies *Unique Art, an American toy company *Unique Broadcasting Company, a former name of UBC Media Group, based in London * Unique Business News a television news channel in Taiwan *Unique Mobility, a former name of UQM Technologies, a manufacturing company based in the United States *Unique Pub Company, a pub company based in the United Kingdom, acquired by Enterprise Inns *Unique Theater, a theater in Minneapolis, Minnesota, United States *Unique Group, a conglomerate in Bangladesh Music * ''Unique'' (DJ Encore album) * ''Unique'' (Juliette Schoppmann album) * Unique (band), a musical group from New York City *Unique (also known as Darren Styles), British musician *Unique Records, a former name of RKO/Unique Records *Unique Reco ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sponge Construction
In cryptography, a sponge function or sponge construction is any of a class of algorithms with finite internal state that take an input bit stream of any length and produce an output bit stream of any desired length. Sponge functions have both theoretical and practical uses. They can be used to model or implement many cryptographic primitives, including cryptographic hashes, message authentication codes, mask generation functions, stream ciphers, pseudo-random number generators, and authenticated encryption. Construction A sponge function is built from three components: * a state memory, ''S'', containing ''b'' bits, * a function f: \^b \rightarrow \^b * a padding function ''P'' ''S'' is divided into two sections: one of size ''r'' (the bitrate) and the remaining part of size ''c'' (the capacity). These sections are denoted ''R'' and ''C'' respectively. ''f'' produces a pseudorandom permutation of the 2^b states from ''S''. ''P'' appends enough bits to the input string so tha ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptographic Hash Functions
A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output result ( hash value) for a random input string ("message") is 2^ (like for any good hash), so the hash value can be used as a representative of the message; * finding an input string that matches a given hash value (a ''pre-image'') is unfeasible, unless the value is selected from a known pre-calculated dictionary ("rainbow table"). The ''resistance'' to such search is quantified as security strength, a cryptographic hash with n bits of hash value is expected to have a ''preimage resistance'' strength of n bits. A ''second preimage'' resistance strength, with the same expectations, refers to a similar problem of finding a second message that matches the given hash value when one message is already known; * finding any pair of different mes ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
