Bringing Order to Chaos: The Case of Collision-Resistant Chameleon-Hashes

IF 2.3 3区计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS

Journal of Cryptology Pub Date : 2024-07-02 DOI:10.1007/s00145-024-09510-9

David Derler, Kai Samelin, Daniel Slamanig

{"title":"Bringing Order to Chaos: The Case of Collision-Resistant Chameleon-Hashes","authors":"David Derler, Kai Samelin, Daniel Slamanig","doi":"10.1007/s00145-024-09510-9","DOIUrl":null,"url":null,"abstract":"<p>Chameleon-hash functions, introduced by Krawczyk and Rabin (NDSS’00), are trapdoor collision-resistant hash functions parametrized by a public key. If the corresponding secret key is known, arbitrary collisions for the hash function can be found efficiently. Chameleon-hash functions have prominent applications in the design of cryptographic primitives, such as lifting non-adaptively secure signatures to adaptively secure ones. Recently, this primitive also received a lot of attention as a building block in more complex cryptographic applications, ranging from editable blockchains to advanced signature and encryption schemes. We observe that, in latter applications, various different notions of collision-resistance are used, and it is not always clear if the respective notion really covers what seems intuitively required by the application. Therefore, we revisit existing collision-resistance notions in the literature, study their relations, and by means of selected applications discuss which practical impact different notions of collision-resistance might have. Moreover, we provide a stronger, and arguably more desirable, notion of collision-resistance than what is known from the literature (which we call full collision-resistance). Finally, we present a surprisingly simple, and efficient, black-box construction of chameleon-hash functions achieving this strong notion of full collision-resistance.\n</p>","PeriodicalId":54849,"journal":{"name":"Journal of Cryptology","volume":"23 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00145-024-09510-9","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Chameleon-hash functions, introduced by Krawczyk and Rabin (NDSS’00), are trapdoor collision-resistant hash functions parametrized by a public key. If the corresponding secret key is known, arbitrary collisions for the hash function can be found efficiently. Chameleon-hash functions have prominent applications in the design of cryptographic primitives, such as lifting non-adaptively secure signatures to adaptively secure ones. Recently, this primitive also received a lot of attention as a building block in more complex cryptographic applications, ranging from editable blockchains to advanced signature and encryption schemes. We observe that, in latter applications, various different notions of collision-resistance are used, and it is not always clear if the respective notion really covers what seems intuitively required by the application. Therefore, we revisit existing collision-resistance notions in the literature, study their relations, and by means of selected applications discuss which practical impact different notions of collision-resistance might have. Moreover, we provide a stronger, and arguably more desirable, notion of collision-resistance than what is known from the literature (which we call full collision-resistance). Finally, we present a surprisingly simple, and efficient, black-box construction of chameleon-hash functions achieving this strong notion of full collision-resistance.

Abstract Image

查看原文本刊更多论文

让混乱变得有序抗碰撞变色龙-哈希的案例

变色龙哈希函数由 Krawczyk 和 Rabin（NDSS'00）提出，是一种由公钥参数化的陷阱门抗碰撞哈希函数。如果知道相应的秘钥，就能高效地找到散列函数的任意碰撞。变色龙哈希函数在密码基元设计中有着突出的应用，如将非自适应安全签名提升为自适应安全签名。最近，变色龙哈希函数作为更复杂加密应用的构件也受到了广泛关注，从可编辑区块链到高级签名和加密方案，不一而足。我们注意到，在后者的应用中，使用了各种不同的抗碰撞概念，而且并不总是很清楚各自的概念是否真正涵盖了应用的直观要求。因此，我们重新审视了文献中现有的抗碰撞概念，研究了它们之间的关系，并通过选定的应用讨论了不同的抗碰撞概念可能产生的实际影响。此外，我们还提供了一个比文献中已知的抗碰撞性概念（我们称之为完全抗碰撞性）更强、也可以说更理想的抗碰撞性概念。最后，我们提出了一种简单而高效的变色龙哈希函数黑盒结构，它实现了完全抗碰撞的强概念。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cryptology 工程技术-工程：电子与电气

CiteScore

7.10

自引率

3.30%

发文量

审稿时长

18 months

期刊介绍： The Journal of Cryptology is a forum for original results in all areas of modern information security. Both cryptography and cryptanalysis are covered, including information theoretic and complexity theoretic perspectives as well as implementation, application, and standards issues. Coverage includes such topics as public key and conventional algorithms and their implementations, cryptanalytic attacks, pseudo-random sequences, computational number theory, cryptographic protocols, untraceability, privacy, authentication, key management and quantum cryptography. In addition to full-length technical, survey, and historical articles, the journal publishes short notes.