[Cryptography] Creating a Parallelizable Cryptographic Hash Function
Jason Resch
jresch at cleversafe.com
Thu Oct 2 18:53:36 EDT 2014

Assuming there was a secure cryptographic function H() with an output of
L bits, what attacks or weaknesses would exist in a protocol that did
the following:

Digest = H(B_0 || C_0) ^ H(B_1 || C_1) ^ H(B_2 || C_2) ^ ... ^ H(B_N || C_N) ^ H(N)

Where B_0 through B_N are the blocks (of size L) constituting the
message and C_0 through C_N are L-bit counters.

One problem seems to be that if any collision can be found for a given
H(X || C_i) and H(Y || C_i), it leads to an essentially infinite number
of collisions (any message that contains X as a block can have that
block replaced with Y), but what other vulnerabilities does this
construction have that would make it unsuitable as a general purpose
cryptographic hash function?

Thanks for your expertise.

Jason
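
The construction and the block-substitution property described in the message above, as an added example that is not part of the original post. H() is stood in for by SHA-256 truncated to 16 bits (a toy size chosen so that a block collision can be found by exhaustive search); the counter encoding, the encoding of N, and all helper names are assumptions.

```python
import hashlib
from functools import reduce

L_BYTES = 2  # toy L = 16 bits (assumption) so a block collision is cheap to find

def H(data: bytes) -> bytes:
    """Stand-in for H(): SHA-256 truncated to L bits (assumption, toy size)."""
    return hashlib.sha256(data).digest()[:L_BYTES]

def counter(i: int) -> bytes:
    """L-bit big-endian counter C_i (the encoding is an assumption)."""
    return i.to_bytes(L_BYTES, "big")

def blocks(msg: bytes) -> list:
    """Split into L-bit blocks B_0..B_N; the post defines no padding, so reject others."""
    if not msg or len(msg) % L_BYTES:
        raise ValueError("message must be a non-empty multiple of L bits")
    return [msg[i:i + L_BYTES] for i in range(0, len(msg), L_BYTES)]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def digest(msg: bytes) -> bytes:
    """H(B_0||C_0) ^ ... ^ H(B_N||C_N) ^ H(N); each term is independent of the others."""
    bs = blocks(msg)
    terms = [H(b + counter(i)) for i, b in enumerate(bs)]
    terms.append(H(counter(len(bs) - 1)))  # H(N), N = index of the last block
    return reduce(xor, terms)

def find_block_collision(i: int):
    """Exhaustively find X != Y with H(X||C_i) == H(Y||C_i) (feasible only at toy L)."""
    seen = {}
    for v in range(256 ** L_BYTES):
        x = v.to_bytes(L_BYTES, "big")
        h = H(x + counter(i))
        if h in seen:
            return seen[h], x
        seen[h] = x
    raise RuntimeError("H is a permutation on this slot; no collision")

def swap_block(msg: bytes, i: int, new: bytes) -> bytes:
    bs = blocks(msg)
    bs[i] = new
    return b"".join(bs)

if __name__ == "__main__":
    x, y = find_block_collision(1)
    for m in (b"AA" + x + b"CCDD", b"zz" + x):  # constructed sample messages
        assert digest(m) == digest(swap_block(m, 1, y))
        print(m.hex(), "and", swap_block(m, 1, y).hex(), "->", digest(m).hex())
```

One collision at counter position 1 carries over to every message that has X in that position, whatever the other blocks or the total length are, because only the single XOR term for that block changes.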