Amplifying collision resistance: A complexity-theoretic treatment

Ran Canetti*, Ron Rivest, Madhu Sudan, Luca Trevisan, Salil Vadhan, Hoeteck Wee

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

We initiate a complexity-theoretic treatment of hardness amplification for collision-resistant hash functions, namely the transformation of weakly collision-resistant hash functions into strongly collision-resistant ones in the standard model of computation. We measure the level of collision resistance by the maximum probability, over the choice of the key, for which an efficient adversary can find a collision. The goal is to obtain constructions with short output, short keys, small loss in adversarial complexity tolerated, and a good trade-off between compression ratio and computational complexity. We provide an analysis of several simple constructions, and show that many of the parameters achieved by our constructions are almost optimal in some sense.

Original languageEnglish
Title of host publicationAdvances in Cryptology - CRYPTO 2007 - 27th Annual International Cryptology Conference, Proceedings
PublisherSpringer Verlag
Pages264-283
Number of pages20
ISBN (Print)9783540741428
DOIs
StatePublished - 2007
Externally publishedYes
Event27th Annual International Cryptology Conference, CRYPTO 2007 - Santa Barbara, CA, United States
Duration: 19 Aug 200723 Aug 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4622 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference27th Annual International Cryptology Conference, CRYPTO 2007
Country/TerritoryUnited States
CitySanta Barbara, CA
Period19/08/0723/08/07

Keywords

  • Collision resistance
  • Combiners
  • Hardness amplification
  • Hash functions

Fingerprint

Dive into the research topics of 'Amplifying collision resistance: A complexity-theoretic treatment'. Together they form a unique fingerprint.

Cite this