|Title:||A Framework for Iterative Hash Functions --- HAIFA
|Authors:||Eli Biham, Orr Dunkelman
|Abstract:||Since the seminal works of Merkle and Damgaard
on the iteration of compression functions,
hash functions were built from compression functions
using the Merkle-Damgaard construction. Recently, several
flaws in this construction were identified, allowing for
pre-image attacks and second pre-image attacks on such hash functions
even when the underlying compression functions are secure.
In this paper we propose the HAsh Iterative FrAmework (HAIFA). Our framework can fix many of the flaws while supporting several additional properties such as defining families of hash functions and supporting variable hash size. HAIFA allows for an online computation of the hash function in one pass with a fixed amount of memory independently of the size of the message.
Besides our proposal, the recent attacks initiated research on the way compression functions are to be iterated. We show that most recent proposals such as randomized hashing, the enveloped Merkle-Damgaard, and the RMC and ROX modes can be all be instantiated as part of the HAsh Iterative FrAmework (HAIFA).
|Copyright||The above paper is copyright by the Technion, Author(s), or others. Please contact the author(s) for more information|
Remark: Any link to this technical report should be to this page (http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-info.cgi/2007/CS/CS-2007-15), rather than to the URL of the PDF or PS files directly. The latter URLs may change without notice.
To the list of the CS technical reports of 2007
To the main CS technical reports page
Computer science department, Technion