Breaking and Fixing Cryptophia’s Short Combiner


Ontology type: schema:Chapter
Open Access: True


Chapter Info

DATE

2014

AUTHORS

Bart Mennink , Bart Preneel

ABSTRACT

A combiner is a construction formed out of two hash functions that is secure if one of the underlying functions is. Conventional combiners are known not to support short outputs: if the hash functions have n-bit outputs the combiner should have at least almost 2n bits of output in order to be robust for collision resistance (Pietrzak, CRYPTO 2008). Mittelbach (ACNS 2013) introduced a relaxed security model for combiners and presented “Cryptophia’s short combiner,” a rather delicate construction of an n-bit combiner that achieves optimal collision, preimage, and second preimage security. We re-analyze Cryptophia’s combiner and show that a collision can be found in two queries and a second preimage in one query, invalidating the claimed results. We additionally propose a way to fix the design in order to re-establish the original security results.

PAGES

50-63

Book

TITLE

Cryptology and Network Security

ISBN

978-3-319-12279-3
978-3-319-12280-9

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-12280-9_4

DOI

http://dx.doi.org/10.1007/978-3-319-12280-9_4

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1048077518


JSON-LD is the canonical representation for SciGraph data.

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Dept. Electrical Engineering, ESAT/COSIC, KU Leuven, and iMinds, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "Dept. Electrical Engineering, ESAT/COSIC, KU Leuven, and iMinds, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Mennink", 
        "givenName": "Bart", 
        "id": "sg:person.012130641461.76", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012130641461.76"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Dept. Electrical Engineering, ESAT/COSIC, KU Leuven, and iMinds, Belgium", 
          "id": "http://www.grid.ac/institutes/grid.5596.f", 
          "name": [
            "Dept. Electrical Engineering, ESAT/COSIC, KU Leuven, and iMinds, Belgium"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Preneel", 
        "givenName": "Bart", 
        "id": "sg:person.011115044357.39", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011115044357.39"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2014", 
    "datePublishedReg": "2014-01-01", 
    "description": "A combiner is a construction formed out of two hash functions that is secure if one of the underlying functions is. Conventional combiners are known not to support short outputs: if the hash functions have n-bit outputs the combiner should have at least almost 2n bits of output in order to be robust for collision resistance (Pietrzak, CRYPTO 2008). Mittelbach (ACNS 2013) introduced a relaxed security model for combiners and presented \u201cCryptophia\u2019s short combiner,\u201d a rather delicate construction of an n-bit combiner that achieves optimal collision, preimage, and second preimage security. We re-analyze Cryptophia\u2019s combiner and show that a collision can be found in two queries and a second preimage in one query, invalidating the claimed results. We additionally propose a way to fix the design in order to re-establish the original security results.", 
    "editor": [
      {
        "familyName": "Gritzalis", 
        "givenName": "Dimitris", 
        "type": "Person"
      }, 
      {
        "familyName": "Kiayias", 
        "givenName": "Aggelos", 
        "type": "Person"
      }, 
      {
        "familyName": "Askoxylakis", 
        "givenName": "Ioannis", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-12280-9_4", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-319-12279-3", 
        "978-3-319-12280-9"
      ], 
      "name": "Cryptology and Network Security", 
      "type": "Book"
    }, 
    "keywords": [
      "hash function", 
      "security model", 
      "security results", 
      "n-bit output", 
      "preimage security", 
      "collision resistance", 
      "queries", 
      "short output", 
      "bit of output", 
      "second preimage", 
      "optimal collision", 
      "security", 
      "Mittelbach", 
      "bits", 
      "output", 
      "preimage", 
      "combiner", 
      "order", 
      "construction", 
      "design", 
      "way", 
      "collisions", 
      "model", 
      "results", 
      "function", 
      "delicate construction", 
      "resistance", 
      "conventional combiner"
    ], 
    "name": "Breaking and Fixing Cryptophia\u2019s Short Combiner", 
    "pagination": "50-63", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1048077518"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-12280-9_4"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-12280-9_4", 
      "https://app.dimensions.ai/details/publication/pub.1048077518"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-10-01T06:56", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221001/entities/gbq_results/chapter/chapter_293.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-12280-9_4"
  }
]
HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-12280-9_4'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-12280-9_4'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-12280-9_4'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-12280-9_4'

