Niveau: Supérieur, Doctorat, Bac+8
ECRYPT Hash Workshop 2007 (May 24–25 2007, Barcelona, Spain) V. Rijmen, chair. Workshop Proceedings, pages 4–19. Revisiting Security Relations Between Signature Schemes and their Inner Hash Functions Emmanuel Bresson3 and Benoıt Chevallier-Mames1 and Christophe Clavier1 and Blandine Debraize1 and Pierre-Alain Fouque4 and Louis Goubin1 and Aline Gouget1 and Gaetan Leurent4 and Phong Nguyen4 and Pascal Paillier1 and Thomas Peyrin2 and Sebastien Zimmer4 1 Cryptography and Innovation, Gemalto Security Labs 2 France Telecom Division R&D 3 DCSSI 4 Ecole Normale Superieure Abstract. After years of almost full confidence in the security of common hash functions such as MD5 and SHA-1, the cryptographic community is now facing the unprecedented threat of seeing practical security applications succumb to concrete attacks. A way to cope with this crisis is to fasten the development of new hash functions, but another crucial task is to assess the implications these attacks on hash functions may have on cryptographic systems. This paper reports a thorough investigation on how recent attacks on hash functions impact the security of signature schemes. We suggest the notion of probabilistic hash-and-sign signatures and further classify signature schemes into various related categories which allow us to identify completely the nature of security relations between signature schemes and their inner hash functions. We also determine how using iterated hash functions a la Merkle-Damg˚ard impacts the security of deterministic (resp.
- p1 ≤
- collision
- hash functions
- security results
- black-box reductions
- all ? -time
- hash function
- functions
- polynomial reduction