Difference between revisions of "VSH"
From The ECRYPT Hash Function Website
Mschlaeffer (talk | contribs) |
Mlamberger (talk | contribs) (→Specification) |
||
| (3 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | == | + | == Specification == |
<!-- | <!-- | ||
| Line 5: | Line 5: | ||
* max. message length: < 2<sup>64</sup> bits | * max. message length: < 2<sup>64</sup> bits | ||
* compression function: 512-bit message block, 160-bit chaining variable | * compression function: 512-bit message block, 160-bit chaining variable | ||
| − | |||
--> | --> | ||
| + | * Specification: http://csrc.nist.gov/groups/ST/hash/documents/LENSTRA_vsh.pdf | ||
| + | |||
| + | <bibtex> | ||
| + | @inproceedings{eurocryptContiniLS06, | ||
| + | author = {Scott Contini and Arjen K. Lenstra and Ron Steinfeld}, | ||
| + | title = {VSH, an Efficient and Provable Collision-Resistant Hash Function}, | ||
| + | booktitle = {EUROCRYPT}, | ||
| + | year = {2006}, | ||
| + | pages = {165-182}, | ||
| + | abstract = {We introduce VSH, very smooth hash, a new S-bit hash function that is provably collision-resistant assuming the hardness of finding nontrivial modular square roots of very smooth numbers modulo an S-bit composite. By very smooth, we mean that the smoothness bound is some fixed polynomial function of S. We argue that finding collisions for VSH has the same asymptotic complexity as factoring using the Number Field Sieve factoring algorithm, i.e., subexponential in S. VSH is theoretically pleasing because it requires just a single multiplication modulo the S-bit composite per Ω(S) message-bits (as opposed to O(logS) message-bits for previous provably secure hashes). It is relatively practical. A preliminary implementation on a 1GHz Pentium III processor that achieves collision resistance at least equivalent to the difficulty of factoring a 1024-bit RSA modulus, runs at 1.1 MegaByte per second, with a moderate slowdown to 0.7MB/s for 2048-bit RSA security. VSH can be used to build a fast, provably secure randomised trapdoor hash function, which can be applied to speed up provably secure signature schemes (such as Cramer-Shoup) and designated-verifier signatures.}, | ||
| + | editor = {Serge Vaudenay}, | ||
| + | volume = {4004}, | ||
| + | series = {LNCS}, | ||
| + | publisher = {Springer}, | ||
| + | isbn = {3-540-34546-9}, | ||
| + | url = {http://dx.doi.org/10.1007/11761679_11}, | ||
| + | } | ||
| + | </bibtex> | ||
== Cryptanalysis == | == Cryptanalysis == | ||
| Line 34: | Line 51: | ||
=== Others === | === Others === | ||
| + | |||
| + | <bibtex> | ||
| + | @inproceedings{indocryptSaarinen06, | ||
| + | author = {Markku-Juhani Olavi Saarinen}, | ||
| + | title = {Security of VSH in the Real World}, | ||
| + | booktitle = {INDOCRYPT}, | ||
| + | year = {2006}, | ||
| + | pages = {95-103}, | ||
| + | url = {http://dx.doi.org/10.1007/11941378_8}, | ||
| + | editor = {Rana Barua and Tanja Lange}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {4329}, | ||
| + | isbn = {3-540-49767-6}, | ||
| + | abstract = {In Eurocrypt 2006, Contini, Lenstra, and Steinfeld proposed a new hash function primitive, VSH, very smooth hash. In this brief paper we offer commentary on the resistance of VSH against some standard cryptanalytic attacks, including preimage attacks and collision search for a truncated VSH. Although the authors of VSH claim only collision resistance, we show why one must be very careful when using VSH in cryptographic engineering, where additional security properties are often required.}, | ||
| + | } | ||
| + | </bibtex> | ||
Latest revision as of 12:16, 11 March 2008
Contents
1 Specification
Scott Contini, Arjen K. Lenstra, Ron Steinfeld - VSH, an Efficient and Provable Collision-Resistant Hash Function
- EUROCRYPT 4004:165-182,2006
- http://dx.doi.org/10.1007/11761679_11
BibtexAuthor : Scott Contini, Arjen K. Lenstra, Ron Steinfeld
Title : VSH, an Efficient and Provable Collision-Resistant Hash Function
In : EUROCRYPT -
Address :
Date : 2006
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
2.4 Second Preimage Attacks
2.5 Preimage Attacks
2.6 Others
Markku-Juhani Olavi Saarinen - Security of VSH in the Real World
