[79820] in cryptography@c2.net mail archive
Special block cipher family DN and hash function family HDN
daemon@ATHENA.MIT.EDU (vlastimil.klima@volny.cz)
Thu Feb 22 08:54:32 2007
From: vlastimil.klima@volny.cz
To: cryptography@metzdowd.com
Date: Thu, 22 Feb 2007 12:33:14 +0100 (CET)
FYI:
Special block cipher family DN and hash function family HDN
----------------------------------
Notes from the Hash Futures Panel,=20
SECOND CRYPTOGRAPHIC HASH WORKSHOP,
Santa Barbara, USA, August 24-25, 2006,=20
http://www.proper.com/lookit/hash-futures-panel-notes.html
(Paul Hoffman): "...At the end of this topic, Joux says that we do
not understand what we are doing and that we do not really know what
we want; there is agreement from all the panelists."
----------------------------------
I would like to announce: "Special block cipher family DN and=20
new generation SNMAC-type hash function family HDN", IACR=20
ePrint archive Report 2007/050, and source codes, including=20
a benchmark, available on homepage
http://cryptography.hyperlink.cz/SNMAC/SNMAC_EN.html.=20
The paper also contains an explanation why we need the new=20
cryptographic primitive for hash functions.
In the paper introducing SNMAC (http://eprint.iacr.org/2006/376) I=20
briefly explained why a classical block cipher is not an appropriate
building block for compression function of a hash function.=20
However, I think I didn't stress enough the need for a new=20
cryptographic primitive to build hash functions.=20
I think that the difference between a compression function and=20
a classical block cipher is just the difference between=20
"what we want" and "what we are doing".
----------------------------------
The differences are briefly:
--------
classical block cipher=20
X=20
compression function:
--------
it contains an element, unknown to the attacker=20
X=20
the attacker knows all inputs and is able to manipulate with them
--------
its goal is to hide the plaintext structure and content in the=20
ciphertext, this is based on a secret element,=20
unknown to the attacker
X
its goal is to hide all structure and content of all inputs
in the output, this is based on a public function=20
--------
if the key is not variable, the function is a permutation
X
we need random transformation
--------
invertible
X
one-way
--------
it is easy to create collisions
X
we need the protection against it
-------------------------
Hope that the new concept will be discussed.
Best regards,
Vlastimil Klima
--=20
Nenechte se nachytat! Internet nemus=ED b=FDt drah=FD. P=F8ipojte se s VOLN=
=DD
od 349 K=E8.
V=EDce informac=ED na http://adsl.volny.cz nebo na telefonu 800 880 842.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
