Revisiting Collision and Local Opening Analysis of ABR Hash

C. Dhar, Y. Dodis, M. Nandi
DOI: 10.4230/LIPIcs.ITC.2022.11 (https://doi.org/10.4230/LIPIcs.ITC.2022.11). Journal: 2007 IEEE International Test Conference. Volume: 19 1. Pages: 11:1-11:22. Publication date: 2022-01-01. Publication type: Journal Article. Platform: Semanticscholar.
Citations: 0

Abstract

The question of building the most efficient tn-to-n-bit collision-resistant hash function H from a smaller (say, 2n-to-n-bit) compression function f is one of the fundamental questions in symmetric key cryptography. This question has a rich history, and was open for general t, until a recent breakthrough paper by Andreeva, Bhattacharyya and Roy at Eurocrypt’21, who designed an elegant mode (which we call ABR) achieving roughly 2t/3 calls to f, which matches the famous Stam’s bound from CRYPTO’08. Unfortunately, we have found serious issues in the claims made by the authors. These issues appear quite significant, and range from verifiably false statements to noticeable gaps in the proofs (e.g., omissions of important cases and unjustified bounds). We were unable to patch up the current proof provided by the authors. Instead, we prove from scratch the security of the ABR construction for the first non-trivial case t = 11 (ABR mode of height 3), which was incorrectly handled by the authors. In particular, our result matches Stam’s bound for t = 11. While the general case is still open, we hope our techniques will prove useful to finally settle the question of the optimal efficiency of hash functions.