Special block cipher family DN and hash function family HDN
vlastimil.klima at volny.cz
vlastimil.klima at volny.cz
Thu Feb 22 06:33:14 EST 2007
FYI:
Special block cipher family DN and hash function family HDN
----------------------------------
Notes from the Hash Futures Panel,
SECOND CRYPTOGRAPHIC HASH WORKSHOP,
Santa Barbara, USA, August 24-25, 2006,
http://www.proper.com/lookit/hash-futures-panel-notes.html
(Paul Hoffman): "...At the end of this topic, Joux says that we do
not understand what we are doing and that we do not really know what
we want; there is agreement from all the panelists."
----------------------------------
I would like to announce: "Special block cipher family DN and
new generation SNMAC-type hash function family HDN", IACR
ePrint archive Report 2007/050, and source codes, including
a benchmark, available on homepage
http://cryptography.hyperlink.cz/SNMAC/SNMAC_EN.html.
The paper also contains an explanation why we need the new
cryptographic primitive for hash functions.
In the paper introducing SNMAC (http://eprint.iacr.org/2006/376) I
briefly explained why a classical block cipher is not an appropriate
building block for compression function of a hash function.
However, I think I didn't stress enough the need for a new
cryptographic primitive to build hash functions.
I think that the difference between a compression function and
a classical block cipher is just the difference between
"what we want" and "what we are doing".
----------------------------------
The differences are briefly:
--------
classical block cipher
X
compression function:
--------
it contains an element, unknown to the attacker
X
the attacker knows all inputs and is able to manipulate with them
--------
its goal is to hide the plaintext structure and content in the
ciphertext, this is based on a secret element,
unknown to the attacker
X
its goal is to hide all structure and content of all inputs
in the output, this is based on a public function
--------
if the key is not variable, the function is a permutation
X
we need random transformation
--------
invertible
X
one-way
--------
it is easy to create collisions
X
we need the protection against it
-------------------------
Hope that the new concept will be discussed.
Best regards,
Vlastimil Klima
--
Nenechte se nachytat! Internet nemusí být drahý. Připojte se s VOLNÝ
od 349 Kč.
Více informací na http://adsl.volny.cz nebo na telefonu 800 880 842.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list