Abstract
We consider basic notions of security for cryptographic hash functions: collision resistance, preimage resistance, and second-preimage resistance. We give seven different definitions that correspond to these three underlying ideas, and then we work out all of the implications and separations among these seven definitions within the concrete-security, provable-security framework. Because our results are concrete, we can show two types of implications, conventional and provisional, where the strength of the latter depends on the amount of compression achieved by the hash function. We also distinguish two types of separations, conditional and unconditional. When constructing counterexamples for our separations, we are careful to preserve specified hash-function domains and ranges; this rules out some pathological counterexamples and makes the separations more meaningful in practice. Four of our definitions are standard while three appear to be new; some of our relations and separations have appeared, others have not. Here we give a modern treatment that acts to catalog, in one place and with carefully-considered nomenclature, the most basic security notions for cryptographic hash functions.
Chapter PDF
Similar content being viewed by others
Keywords
References
Anderson, R.: The classification of hash functions. In: IMA Conference in Cryptography and Coding IV, December 1993, pp. 83–94 (1993)
Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 232–249. Springer, Heidelberg (1998)
Bellare, M., Rogaway, P.: Collision-resistant hashing: Towards making UOWHFs practical. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 470–484. Springer, Heidelberg (1997)
Black, J., Rogaway, P., Shrimpton, T.: Black-box analysis of the blockcipher- based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 320. Springer, Heidelberg (2002)
Brown, D., Johnson, D.: Formal security proofs for a signature scheme with partial message recovery. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 126–144. Springer, Heidelberg (2001)
Damgård, I.: Collision free hash fucntions and public key signature schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1988)
Damgård, I.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28, 270–299 (1984)
Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Merkle, R.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)
Mironov, I.: Hash functions: From Merkle-Damgård to Shoup. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 166. Springer, Heidelberg (2001)
Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: Proceedings of the Twenty-first ACM Symposium on Theory of Computing, pp. 33–43 (1989)
Preneel, B.: Cryptographic hash functions. Katholieke Universiteit Leuven, Belgium (1993)
Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: Definitions, implications and separations for preimage resistance, second-preimage resistance, and collision resistance (2004), Full version of this paper, http://www.cs.ucdavis.edu/~rogaway
Stinson, D.: Some observations on the theory of cryptographic hash functions. Technical Report 2001/020, University of Waterloo (2001)
Zheng, Y., Matsumoto, T., Imai, H.: Connections among several versions of oneway hash functions. In: Special Issue on Cryptography and Information Security, Proceedings of IEICE of Japan (1990)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rogaway, P., Shrimpton, T. (2004). Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance. In: Roy, B., Meier, W. (eds) Fast Software Encryption. FSE 2004. Lecture Notes in Computer Science, vol 3017. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-25937-4_24
Download citation
DOI: https://doi.org/10.1007/978-3-540-25937-4_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22171-5
Online ISBN: 978-3-540-25937-4
eBook Packages: Springer Book Archive