[Cryptography] Creating a Parallelizeable Cryptographic Hash Function
Jason Resch
jresch at cleversafe.com
Fri Oct 3 13:23:16 EDT 2014
On 10/02/2014 07:17 PM, David Leon Gil wrote:
> On Thu, Oct 2, 2014 at 6:53 PM, Jason Resch <jresch at cleversafe.com> wrote:
>> Assuming there was a secure cryptographic function H() with an output of L
>> bits, what attacks or weaknesses would exist in a protocol that did the
>> following:
> You're probably better off using a construction that has been designed
> to be a sound "tree hashing" mode. E.g., the Keccak team's Sakura tree
> hash coding: http://keccak.noekeon.org/Sakura.pdf
David, Sandy,
Thanks for these resources on tree hashing.
I was considering a case where a small changes between very large
messages, M and M' could be computed efficiently to produce an updated
hash value. I am correct that tree hashing doesn't support this without
using a lot of extra memory to store the intermediate hash values?
Jason
More information about the cryptography
mailing list