Security analysis of randomize-hash-then-sign digital signatures
From MaRDI portal
Publication:1928773
DOI10.1007/s00145-011-9109-yzbMath1277.94053WikidataQ56933169 ScholiaQ56933169MaRDI QIDQ1928773
Praveen Gauravaram, Lars R. Knudsen
Publication date: 4 January 2013
Published in: Journal of Cryptology (Search for Journal in Brave)
Full work available at URL: http://link.springer.com/article/10.1007%2Fs00145-011-9109-y
digital signature; compression function; hash function; collision resistance; Davies-Meyer; Merkle-Damgård; randomized hashing; RMX; second preimage resistance; SHA-3 hash function competition
Related Items
Building indifferentiable compression functions from the PGV compression functions, Improved indifferentiability security bound for the JH mode, Open problems in hash function security
Uses Software
Cites Work
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Cryptanalysis of MD4
- Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate
- Cryptanalysis of the LAKE Hash Family
- MAC Reforgeability
- Keying Hash Functions for Message Authentication
- Collisions on SHA-0 in One Hour
- The Hash Function Family LAKE
- MD4 is Not One-Way
- On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract)
- Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512
- How to Fill Up Merkle-Damgård Hash Functions
- Hash-and-Sign with Weak Hashing Made Secure
- Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5
- Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC
- Finding Preimages in Full MD5 Faster Than Exhaustive Search
- Cryptanalyses of Narrow-Pipe Mode of Operation in AURORA-512 Hash Function
- A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks
- Cryptanalysis of MD4
- Tiger: A fast new hash function
- On the Security of Compressed Encodings
- Cryptanalysis of the Hash Functions MD4 and RIPEMD
- How to Break MD5 and Other Hash Functions
- Collisions of SHA-0 and Reduced SHA-1
- Second Preimages on n-Bit Hash Functions for Much Less than 2 n Work
- Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
- On Authentication with HMAC and Non-random Properties
- Efficient Collision Search Attacks on SHA-0
- Finding Collisions in the Full SHA-1
- A Failure-Friendly Design Principle for Hash Functions
- Second Preimage Attacks on Dithered Hash Functions
- Linear-XOR and Additive Checksums Don’t Protect Damgård-Merkle Hashes from Generic Attacks
- Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions
- Information Security and Privacy
- Fast Software Encryption
- New Proofs for NMAC and HMAC: Security Without Collision-Resistance
- Strengthening Digital Signatures Via Randomized Hashing
- Public Key Cryptography - PKC 2006
