Hash function bibliography

This bibliography (.bib file) on cryptographic hash functions is not (and never will be) complete. You are very welcome to contact me if you have relevant additions to this list.

All Springer publications contain a link to Springer's search tool with the first author and words from the title pre-filled in.

[1] AbdukhalikovK-fse98
K. S. Abdukhalikov and C. Kim. On the Security of the Hashing Scheme Based on SL2. In S. Vaudenay, editor, Fast Software Encryption '98, Proceedings, volume 1372 of Lecture Notes in Computer Science, pages 93-102. Springer, 1998.
[2] AielloHV-fse98
W. Aiello, S. Haber, and R. Venkatesan. New Constructions for Secure Hash Functions. In S. Vaudenay, editor, Fast Software Encryption '98, Proceedings, volume 1372 of Lecture Notes in Computer Science, pages 150-167. Springer, 1998.
[3] AielloV-eurocrypt96
W. Aiello and R. Venkatesan. Foiling Birthday Attacks in Length-Doubling Transformations. In U. M. Maurer, editor, Advances in Cryptology - EUROCRYPT '96, Proceedings, volume 1070 of Lecture Notes in Computer Science, pages 307-320. Springer, 1996.
[4] Akl-crypto83
S. G. Akl. On the Security of Compressed Encodings. In D. Chaum, editor, Advances in Cryptology - Proceedings of CRYPTO '83, Proceedings, pages 209-230. Plenum Press, New York, 1984.
[5] AndersonB-fse96
R. J. Anderson and E. Biham. TIGER: A Fast New Hash Function. In D. Gollmann, editor, Fast Software Encryption 1996, Proceedings, volume 1039 of Lecture Notes in Computer Science, pages 89-97. Springer, 1996.
[6] AndreevaBDK-sac09
E. Andreeva, C. Bouillaguet, O. Dunkelman, and J. Kelsey. Herding, Second Preimage and Trojan Message Attacks beyond Merkle-Damgård. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 393-414. Springer, 2009.
[7] AndreevaBFHKSZ-eurocrypt08
E. Andreeva, C. Bouillaguet, P.-A. Fouque, J. J. Hoch, J. Kelsey, A. Shamir, and S. Zimmer. Second Preimage Attacks on Dithered Hash Functions. In N. Smart, editor, Advances in Cryptology - EUROCRYPT 2008, Proceedings, volume 4965 of Lecture Notes in Computer Science, pages 270-288. Springer, 2008.
[8] AndreevaMP-scn10
E. Andreeva, B. Mennink, and B. Preneel. On the Indifferentiability of the Grøstl Hash Function. In J. A. Garay and R. D. Prisco, editors, Security and Cryptography for Networks (SCN) 2010, Proceedings, volume 6280 of Lecture Notes in Computer Science, pages 88-105. Springer, 2010.
[9] AndreevaNPS-asiacrypt07
E. Andreeva, G. Neven, B. Preneel, and T. Shrimpton. Seven-Property-Preserving Iterated Hashing: ROX. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 130-146. Springer, 2007.
[10] AndreevaP-sac08
E. Andreeva and B. Preneel. A Three-Property-Secure Hash Function. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 228-244. Springer, 2009.
[11] AokiGMSW-asiacrypt09
K. Aoki, J. Guo, K. Matusiewicz, Y. Sasaki, and L. Wang. Preimages for Step-Reduced SHA-2. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 578-597. Springer, 2009.
[12] AokiRSS-secrypt11
K. Aoki, G. Roland, Y. Sasaki, and M. Schläffer. Byte Slicing Grøstl - Optimized Intel AES-NI and 8-bit Implementations of the SHA-3 Finalist Grøstl. In J. Lopez and P. Samarati, editors, SECRYPT 2011, Proceedings, pages 124-133. SciTePress, 2011.
[13] AokiS-crypto09
K. Aoki and Y. Sasaki. Meet-in-the-Middle Preimage Attacks Against Reduced SHA-0 and SHA-1 . In S. Halevi, editor, Advances in Cryptology - CRYPTO 2009, Proceedings, volume 5677 of Lecture Notes in Computer Science, pages 70-89. Springer, 2009.
[14] AokiS-sac08
K. Aoki and Y. Sasaki. Preimage Attacks on One-Block MD4, 63-Step MD5 and More. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 103-119. Springer, 2009.
[15] AticiS-crypto96
M. Atici and D. R. Stinson. Universal Hashing and Multiple Authentication. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 16-30. Springer, 1996.
[16] AugotFS-mycrypt05
D. Augot, M. Finiasz, and N. Sendrier. A Family of Fast Syndrome Based Cryptographic Hash Functions. In E. Dawson and S. Vaudenay, editors, Progress in Cryptology - Mycrypt 2005, Proceedings, volume 3715 of Lecture Notes in Computer Science, pages 64-83. Springer, 2005.
[17] Aumasson-indocrypt08
J.-P. Aumasson. Faster Multicollisions. In D. R. Chowdhury, V. Rijmen, and A. Das, editors, Progress in Cryptology - INDOCRYPT 2008, Proceedings, volume 5365 of Lecture Notes in Computer Science, pages 67-77. Springer, 2008.
[18] AumassonBMNP-acisp09
J.-P. Aumasson, E. Brier, W. Meier, M. Naya-Plasencia, and T. Peyrin. Inside the Hypercube. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 202-213. Springer, 2009.
[19] AumassonCMOPV-asiacrypt09
J.-P. Aumasson, Çagdas Çalik, W. Meier, O. Özen, R. C.-W. Phan, and K. Varici. Improved Cryptanalysis of Skein. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 542-559. Springer, 2009.
[20] AumassonDMS-fse09
J.-P. Aumasson, I. Dinur, W. Meier, and A. Shamir. Cube Testers and Key Recovery Attacks on Reduced-Round MD6 and Trivium . In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 1-22. Springer, 2009.
[21] AumassonDIP-sac09
J.-P. Aumasson, O. Dunkelman, S. Indesteege, and B. Preneel. Cryptanalysis of Dynamic SHA(2). In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 415-432. Springer, 2009.
[22] AumassonDMRT-africacrypt09
J.-P. Aumasson, O. Dunkelman, F. Mendel, C. Rechberger, and S. S. Thomsen. Cryptanalysis of Vortex. In B. Preneel, editor, Progress in Cryptology - AFRICACRYPT 2009, Proceedings, volume 5580 of Lecture Notes in Computer Science, pages 14-28. Springer, 2009.
[23] AumassonGKMM-fse10
J.-P. Aumasson, J. Guo, S. Knellwolf, K. Matusiewicz, and W. Meier. Differential and Invertibility Properties of BLAKE. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 318-332. Springer, 2010.
[24] AumassonHMN-ches10
J.-P. Aumasson, L. Henzen, W. Meier, and M. Naya-Plasencia. Quark: A Lightweight Hash. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 1-15. Springer, 2010.
[25] AumassonM-icisc07
J.-P. Aumasson and W. Meier. Analysis of Multivariate Hash Functions. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 309-323. Springer, 2007.
[26] AumassonMM-sac08
J.-P. Aumasson, W. Meier, and F. Mendel. Preimage Attacks on 3-Pass HAVAL and Step-Reduced MD5. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 120-135. Springer, 2009.
[27] AumassonMP-fse08
J.-P. Aumasson, W. Meier, and R. C.-W. Phan. The Hash Function Family LAKE. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 36-53. Springer, 2008.
[28] AumassonP-africacrypt08
J.-P. Aumasson and R. C.-W. Phan. How (Not) to Efficiently Dither Blockcipher-Based Hash Functions? In S. Vaudenay, editor, Progress in Cryptology - AFRICACRYPT 2008, Proceedings, volume 5023 of Lecture Notes in Computer Science, pages 308-324. Springer, 2008.
[29] BackesU-asiacrypt08
M. Backes and D. Unruh. Limits of Constructive Security Proofs. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 290-307. Springer, 2008.
[30] BaecherFS-ctrsa11
P. Baecher, M. Fischlin, and D. Schröder. Expedient Non-malleability Notions for Hash Functions. In A. Kiayias, editor, Topics in Cryptology - CT-RSA 2011, Proceedings, volume 6558 of Lecture Notes in Computer Science, pages 268-283. Springer, 2011.
[31] BagheriGNT-cans10
N. Bagheri, P. Gauravaram, M. Naderi, and S. S. Thomsen. On the Collision and Preimage Resistance of Certain Two-Call Hash Functions. In S.-H. Heng, R. N. Wright, and B.-M. Goi, editors, Cryptology and Network Security (CANS) 2010, Proceedings, volume 6467 of Lecture Notes in Computer Science, pages 96-105. Springer, 2010.
[32] BakhtiariSP-acisp96a
S. Bakhtiari, R. Safavi-Naini, and J. Pieprzyk. On password-based authenticated key exchange using collisionful hash functions. In J. Pieprzyk and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) '96, Proceedings, volume 1172 of Lecture Notes in Computer Science, pages 299-310. Springer, 1996.
[33] BakhtiariSP-acisp96
S. Bakhtiari, R. Safavi-Naini, and J. Pieprzyk. On selectable collisionful hash functions. In J. Pieprzyk and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) '96, Proceedings, volume 1172 of Lecture Notes in Computer Science, pages 287-298. Springer, 1996.
[34] BaritaudGG-eurocrypt92
T. Baritaud, H. Gilbert, and M. Girault. FFT Hashing is not Collision-free. In R. A. Rueppel, editor, Advances in Cryptology - EUROCRYPT '92, Proceedings, volume 658 of Lecture Notes in Computer Science, pages 35-44. Springer, 1993.
[35] BarretoR-whirlpool
P. S. L. M. Barreto and V. Rijmen. The Whirlpool Hashing Function. Submitted to NESSIE, September 2000. Revised May 2003. Available: http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html (2009/06/24).
[36] Bellare-crypto06
M. Bellare. New Proofs for NMAC and HMAC: Security Without Collision-Resistance. In C. Dwork, editor, Advances in Cryptology - CRYPTO 2006, Proceedings, volume 4117 of Lecture Notes in Computer Science, pages 602-619. Springer, 2006.
[37] BellareCK-crypto96
M. Bellare, R. Canetti, and H. Krawczyk. Keying Hash Functions for Message Authentication. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 1-15. Springer, 1996.
[38] BellareCK-rsa96
M. Bellare, R. Canetti, and H. Krawczyk. The HMAC Construction. CryptoBytes, 2(1):12-15, 1996.
[39] BellareGG-crypto94
M. Bellare, O. Goldreich, and S. Goldwasser. Incremental Cryptography: The Case of Hashing and Signing. In Y. Desmedt, editor, Advances in Cryptology - CRYPTO '94, Proceedings, volume 839 of Lecture Notes in Computer Science, pages 216-233. Springer, 1994.
[40] BellareK-eurocrypt04
M. Bellare and T. Kohno. Hash Function Balance and Its Impact on Birthday Attacks. In C. Cachin and J. Camenisch, editors, Advances in Cryptology - EUROCRYPT 2004, Proceedings, volume 3027 of Lecture Notes in Computer Science, pages 401-418. Springer, 2004.
[41] BellareM-eurocrypt97
M. Bellare and D. Micciancio. A New Paradigm for Collision-Free Hashing: Incrementality at Reduced Cost. In W. Fumy, editor, Advances in Cryptology - EUROCRYPT '97, Proceedings, volume 1233 of Lecture Notes in Computer Science, pages 163-192. Springer, 1997.
[42] BellareR-nist06
M. Bellare and T. Ristenpart. Multi-Property-Preserving Hash Domain Extension: The EMD Transform. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[43] BellareR-asiacrypt06
M. Bellare and T. Ristenpart. Multi-Property-Preserving Hash Domain Extension and the EMD Transform. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 299-314. Springer, 2006.
[44] BellareR-icalp07
M. Bellare and T. Ristenpart. Hash Functions in the Dedicated-Key Setting: Design Choices and MPP Transforms. In L. Arge, C. Cachin, T. Jurdzinski, and A. Tarlecki, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2007, Proceedings, volume 4596 of Lecture Notes in Computer Science, pages 399-410. Springer, 2007.
[45] BellareR-asiacrypt08
M. Bellare and T. Ristov. Hash Functions from Sigma Protocols and Improvements to VSH. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 125-142. Springer, 2008.
[46] BellareR-ccs93
M. Bellare and P. Rogaway. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In First ACM Conference on Computer and Communications Security, Proceedings, pages 62-73, 1993.
[47] BellareR-crypto97
M. Bellare and P. Rogaway. Collision-Resistant Hashing: Towards Making UOWHFs Practical. In B. S. Kaliski Jr., editor, Advances in Cryptology - CRYPTO '97, Proceedings, volume 1294 of Lecture Notes in Computer Science, pages 470-484. Springer, 1997.
[48] Bellovin-nist05
S. M. Bellovin. Deploying a New Hash Algorithm. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[49] BenadjilaBGR-asiacrypt09
R. Benadjila, O. Billet, S. Gueron, and M. J. B. Robshaw. The Intel AES Instructions Set and the SHA-3 Candidates. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 162-178. Springer, 2009.
[50] BenalohM-eurocrypt93
J. C. Benaloh and M. de Mare. One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract). In T. Helleseth, editor, Advances in Cryptology - EUROCRYPT '93, Proceedings, volume 765 of Lecture Notes in Computer Science, pages 274-285. Springer, 1994.
[51] BentaharPSSS-nist06
K. Bentahar, D. Page, M.-J. O. Saarinen, J. H. Silverman, and N. Smart. LASH. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[52] BermanKN-tcs07
P. Berman, M. Karpinski, and Y. Nekrich. Optimal trade-off for Merkle tree traversal. Theoretical Computer Science, 372(1):26-36, 2007.
[53] BernsteinLNPS-indocrypt09
D. J. Bernstein, T. Lange, R. Niederhagen, C. Peters, and P. Schwabe. FSBday. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 18-38. Springer, 2009.
[54] BernsteinLPS-africacrypt11
D. J. Bernstein, T. Lange, C. Peters, and P. Schwabe. Really Fast Syndrome-Based Hashing. In A. Nitaj and D. Pointcheval, editors, Progress in Cryptology - AFRICACRYPT 2011, Proceedings, volume 6737 of Lecture Notes in Computer Science, pages 134-152. Springer, 2011.
[55] Berson-eurocrypt92
T. A. Berson. Differential Cryptanalysis Mod 232 with Applications to MD5. In R. A. Rueppel, editor, Advances in Cryptology - EUROCRYPT '92, Proceedings, volume 658 of Lecture Notes in Computer Science, pages 71-80. Springer, 1993.
[56] BertoniDPA-ches10
G. Bertoni, J. Daemen, M. Peeters, and G. V. Assche. Sponge-Based Pseudo-Random Number Generators. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 33-47. Springer, 2010.
[57] BertoniDPV-nist06
G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche. RadioGatun, a Belt-and-Mill Hash Function. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[58] BertoniDPV-eurocrypt08
G. Bertoni, J. Daemen, M. Peeters, and G. Van Assche. On the Indifferentiability of the Sponge Construction. In N. Smart, editor, Advances in Cryptology - EUROCRYPT 2008, Proceedings, volume 4965 of Lecture Notes in Computer Science, pages 181-197. Springer, 2008.
[59] BettaleFP-cisc08
L. Bettale, J.-C. Faugère, and L. Perret. Security Analysis of Multivariate Polynomials for Hashing. In M. Yung, P. Liu, and D. Lin, editors, Information Security and Cryptology (INSCRYPT) 2008, Proceedings, volume 5487 of Lecture Notes in Computer Science, pages 115-124. Springer, 2009.
[60] BhattacharyyaMN-indocrypt09
R. Bhattacharyya, A. Mandal, and M. Nandi. Indifferentiability Characterization of Hash Functions and Optimal Bounds of Popular Domain Extensions. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 199-218. Springer, 2009.
[61] BhattacharyyaMN-fse10
R. Bhattacharyya, A. Mandal, and M. Nandi. Security Analysis of the Mode of JH Hash Function. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 168-191. Springer, 2010.
[62] Bierbrauer-dcc97
J. Bierbrauer. Universal Hashing and Geometric Codes. Designs, Codes and Cryptography, 11(3):207-221, 1997.
[63] BierbrauerJKS-crypto93
J. Bierbrauer, T. Johansson, G. Kabatianskii, and B. J. M. Smeets. On Families of Hash Functions via Geometric Codes and Concatenation. In D. R. Stinson, editor, Advances in Cryptology - CRYPTO '93, Proceedings, volume 773 of Lecture Notes in Computer Science, pages 331-342. Springer, 1994.
[64] Biham-fse08
E. Biham. New Techniques for Cryptanalysis of Hash Functions and Improved Attacks on Snefru. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 444-461. Springer, 2008.
[65] BihamC-crypto04
E. Biham and R. Chen. Near-Collisions of SHA-0. In M. K. Franklin, editor, Advances in Cryptology - CRYPTO 2004, Proceedings, volume 3152 of Lecture Notes in Computer Science, pages 290-305. Springer, 2004.
[66] BihamCJCLJ-eurocrypt05
E. Biham, R. Chen, A. Joux, P. Carribault, C. Lemuet, and W. Jalby. Collisions of SHA-0 and Reduced SHA-1. In R. Cramer, editor, Advances in Cryptology - EUROCRYPT 2005, Proceedings, volume 3494 of Lecture Notes in Computer Science, pages 36-57. Springer, 2005.
[67] BihamD-nist06
E. Biham and O. Dunkelman. A Framework for Iterative Hash Functions - HAIFA. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[68] BihamS-eurocrypt91
E. Biham and A. Shamir. Differential Cryptanalysis of Feal and N-Hash. In D. W. Davies, editor, Advances in Cryptology - EUROCRYPT '91, Proceedings, volume 547 of Lecture Notes in Computer Science, pages 1-16. Springer, 1991.
[69] BihamS-crypto91
E. Biham and A. Shamir. Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. In J. Feigenbaum, editor, Advances in Cryptology - CRYPTO '91, Proceedings, volume 576 of Lecture Notes in Computer Science, pages 156-171. Springer, 1992.
[70] BilletRP-acisp07
O. Billet, M. J. B. Robshaw, and T. Peyrin. On Building Hash Functions from Multivariate Quadratic Equations. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 82-95. Springer, 2007.
[71] BilletRSY-acisp08
O. Billet, M. J. B. Robshaw, Y. Seurin, and Y. L. Yin. Looking Back at a New Hash Function. In Y. Mu, W. Susilo, and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2008, Proceedings, volume 5107 of Lecture Notes in Computer Science, pages 239-253. Springer, 2008.
[72] BiryukovGGKLMNPW-fse09
A. Biryukov, P. Gauravaram, J. Guo, D. Khovratovich, S. Ling, K. Matusiewicz, I. Nikolic, J. Pieprzyk, and H. Wang. Cryptanalysis of the LAKE Hash Family. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 156-179. Springer, 2009.
[73] BiryukovLP-sac03
A. Biryukov, J. Lano, and B. Preneel. Cryptanalysis of the Alleged SecurID Hash Function. In M. Matsui and R. J. Zuccherato, editors, Selected Areas in Cryptography 2003, Proceedings, volume 3006 of Lecture Notes in Computer Science, pages 130-144. Springer, 2004.
[74] BiryukovNR-fse11
A. Biryukov, I. Nikolic, and A. Roy. Boomerang Attacks on BLAKE-32. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 218-237. Springer, 2011.
[75] Black-fse06
J. Black. The Ideal-Cipher Model, Revisited: An Uninstantiable Blockcipher-Based Hash Function. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 328-340. Springer, 2006.
[76] BlackCH-fse06
J. Black, M. Cochran, and T. Highland. A Study of the MD5 Attacks: Insights and Improvements. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 262-277. Springer, 2006.
[77] BlackCS-eurocrypt05
J. Black, M. Cochran, and T. Shrimpton. On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions. In R. Cramer, editor, Advances in Cryptology - EUROCRYPT 2005, Proceedings, volume 3494 of Lecture Notes in Computer Science, pages 526-541. Springer, 2005.
[78] BlackCS-joc09
J. Black, M. Cochran, and T. Shrimpton. On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions. Journal of Cryptology, 22(3):311-329, 2009.
[79] BlackRS-crypto02
J. Black, P. Rogaway, and T. Shrimpton. Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV. In M. Yung, editor, Advances in Cryptology - CRYPTO 2002, Proceedings, volume 2442 of Lecture Notes in Computer Science, pages 320-335. Springer, 2002.
[80] BlackRSS-joc10
J. Black, P. Rogaway, T. Shrimpton, and M. Stam. An Analysis of the Blockcipher-Based Hash Functions from PGV. Journal of Cryptology, 23(4):519-545, 2010.
[81] BleichenbacherM-crypto94
D. Bleichenbacher and U. M. Maurer. Directed Acyclic Graphs, One-way Functions and Digital Signatures. In Y. Desmedt, editor, Advances in Cryptology - CRYPTO '94, Proceedings, volume 839 of Lecture Notes in Computer Science, pages 75-82. Springer, 1994.
[82] BogdanovLPPRS-ches08
A. Bogdanov, G. Leander, C. Paar, A. Poschmann, M. J. B. Robshaw, and Y. Seurin. Hash Functions and RFID Tags: Mind the Gap. In E. Oswald and P. Rohatgi, editors, Cryptographic Hardware and Embedded Systems - CHES 2008, Proceedings, volume 5154 of Lecture Notes in Computer Science, pages 283-299. Springer, 2008.
[83] BoldyrevaCFW-asiacrypt09
A. Boldyreva, D. Cash, M. Fischlin, and B. Warinschi. Foundations of Non-malleable Hash and One-Way Functions. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 524-541. Springer, 2009.
[84] BonehB-crypto06
D. Boneh and X. Boyen. On the Impossibility of Efficiently Combining Collision Resistant Hash Functions. In C. Dwork, editor, Advances in Cryptology - CRYPTO 2006, Proceedings, volume 4117 of Lecture Notes in Computer Science, pages 570-583. Springer, 2006.
[85] BosC-crypto92
J. N. Bos and D. Chaum. Provably Unforgeable Signatures. In E. F. Brickell, editor, Advances in Cryptology - CRYPTO '92, Proceedings, volume 740 of Lecture Notes in Computer Science, pages 1-14. Springer, 1993.
[86] BosS-ches10
J. W. Bos and D. Stefan. Performance Analysis of the SHA-3 Candidates on Exotic Multi-core Architectures. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 279-293. Springer, 2010.
[87] BosselaersGV-crypto96
A. Bosselaers, R. Govaerts, and J. Vandewalle. Fast Hashing on the Pentium. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 298-312. Springer, 1996.
[88] BosselaersGV-eurocrypt97
A. Bosselaers, R. Govaerts, and J. Vandewalle. SHA: A Design for Parallel Architectures? In W. Fumy, editor, Advances in Cryptology - EUROCRYPT '97, Proceedings, volume 1233 of Lecture Notes in Computer Science, pages 348-362. Springer, 1997.
[89] BouillaguetDLF-fse10
C. Bouillaguet, O. Dunkelman, G. Leurent, and P.-A. Fouque. Another Look at Complementation Properties. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 347-364. Springer, 2010.
[90] BouillaguetDLF-sacrypt10
C. Bouillaguet, O. Dunkelman, G. Leurent, and P.-A. Fouque. Attacks on Hash Functions Based on Generalized Feistel: Application to Reduced-Round Lesamnta and SHAvite-3512. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 18-35. Springer, 2011.
[91] BouillaguetF-sac08
C. Bouillaguet and P.-A. Fouque. Analysis of the Collision Resistance of RadioGatún Using Algebraic Techniques. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 245-261. Springer, 2009.
[92] BouillaguetFL-sacrypt10
C. Bouillaguet, P.-A. Fouque, and G. Leurent. Security Analysis of SIMD. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 351-368. Springer, 2011.
[93] BouraC-sacrypt10
C. Boura and A. Canteaut. Zero-Sum Distinguishers for Iterated Permutations and Application to Keccak- and Hamsi-256. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 1-17. Springer, 2011.
[94] BouraCC-fse11
C. Boura, A. Canteaut, and C. De Cannière. Higher-Order Differential Properties of Keccak and Luffa. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 252-269. Springer, 2011.
[95] SuWWD-cans10
S. W. Bozhan Su, Wenling Wu and L. Dong. Near-Collisions on the Reduced-Round Compression Functions of Skein and BLAKE. In S.-H. Heng, R. N. Wright, and B.-M. Goi, editors, Cryptology and Network Security (CANS) 2010, Proceedings, volume 6467 of Lecture Notes in Computer Science, pages 124-139. Springer, 2010.
[96] BrierKMP-asiacrypt09
E. Brier, S. Khazaei, W. Meier, and T. Peyrin. Linearization Framework for Collision Attacks: Application to CubeHash and MD6. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 560-577. Springer, 2009.
[97] BrierP-acns09
E. Brier and T. Peyrin. Cryptanalysis of CubeHash. In M. Abdalla, D. Pointcheval, P.-A. Fouque, and D. Vergnaud, editors, Applied Cryptography and Network Security 2009, Proceedings, volume 5536 of Lecture Notes in Computer Science, pages 354-368. Springer, 2009.
[98] BrownPS-asiacrypt90
L. Brown, J. Pieprzyk, and J. Seberry. LOKI - A Cryptographic Primitive for Authentication and Secrecy Applications. In J. Seberry and J. Pieprzyk, editors, Advances in Cryptology - AUSCRYPT '90, Proceedings, volume 453 of Lecture Notes in Computer Science, pages 229-236. Springer, 1990.
[99] BuchmannL-indocrypt09
J. Buchmann and R. Lindner. Secure Parameters for SWIFFT. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 1-17. Springer, 2009.
[100] BuldasL-acns06
A. Buldas and S. Laur. Do Broken Hash Functions Affect the Security of Time-Stamping Schemes? In J. Zhou, M. Yung, and F. Bao, editors, Applied Cryptography and Network Security 2006, Proceedings, volume 3989 of Lecture Notes in Computer Science, pages 50-65. Springer, 2006.
[101] CamionP-eurocrypt91
P. Camion and J. Patarin. The Knapsack Hash Function proposed at Crypto'89 can be broken. In D. W. Davies, editor, Advances in Cryptology - EUROCRYPT '91, Proceedings, volume 547 of Lecture Notes in Computer Science, pages 39-53. Springer, 1991.
[102] Canetti-crypto97
R. Canetti. Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information. In B. S. Kaliski Jr., editor, Advances in Cryptology - CRYPTO '97, Proceedings, volume 1294 of Lecture Notes in Computer Science, pages 455-469. Springer, 1997.
[103] CanettiD-icalp08
R. Canetti and R. R. Dakdouk. Extractable Perfectly One-Way Functions. In L. Aceto, I. Damgård, L. A. Goldberg, M. M. Halldórsson, A. Ingólfsdóttir, and I. Walukiewicz, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2008, Proceedings, volume 5126 of Lecture Notes in Computer Science, pages 449-460. Springer, 2008.
[104] CanettiGH-stoc98
R. Canetti, O. Goldreich, and S. Halevi. The Random Oracle Methodology, Revisited (Preliminary Version). In 30th ACM Symposium on the Theory of Computing 1998, Proceedings, pages 209-218. ACM, 1998.
[105] CanettiMR-stoc98
R. Canetti, D. Micciancio, and O. Reingold. Perfectly One-Way Probabilistic Hash Functions (Preliminary Version). In 30th ACM Symposium on the Theory of Computing 1998, Proceedings, pages 131-140. ACM, 1998.
[106] CanettiRSTVW-crypto07
R. Canetti, R. L. Rivest, M. Sudan, L. Trevisan, S. P. Vadhan, and H. Wee. Amplifying Collision Resistance: A Complexity-Theoretic Treatment. In A. Menezes, editor, Advances in Cryptology - CRYPTO 2007, Proceedings, volume 4622 of Lecture Notes in Computer Science, pages 264-283. Springer, 2007.
[107] CarterW-stoc77
L. Carter and M. N. Wegman. Universal Classes of Hash Functions (Extended Abstract). In 9th ACM Symposium on the Theory of Computing 1977, Proceedings, pages 106-112. ACM, 1977.
[108] CarterW-jcss79
L. Carter and M. N. Wegman. Universal Classes of Hash Functions. Journal of Computer and System Sciences, 18(2):143-154, 1979.
[109] ChabaudJ-crypto98
F. Chabaud and A. Joux. Differential Collisions in SHA-0. In H. Krawczyk, editor, Advances in Cryptology - CRYPTO '98, Proceedings, volume 1462 of Lecture Notes in Computer Science, pages 56-71. Springer, 1998.
[110] ChangGN-indocrypt06
D. Chang, K. C. Gupta, and M. Nandi. RC4-Hash: A New Hash Function Based on RC4. In R. Barua and T. Lange, editors, Progress in Cryptology - INDOCRYPT 2006, Proceedings, volume 4329 of Lecture Notes in Computer Science, pages 80-94. Springer, 2006.
[111] ChangLNY-asiacrypt06
D. Chang, S. Lee, M. Nandi, and M. Yung. Indifferentiable Security Analysis of Popular Hash Functions with Prefix-Free Padding. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 283-298. Springer, 2006.
[112] ChangN-fse08
D. Chang and M. Nandi. Improved Indifferentiability Security Analysis of chopMD Hash Function. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 429-443. Springer, 2008.
[113] ChangNY-fse11
D. Chang, M. Nandi, and M. Yung. On the Security of Hash Functions Employing Blockcipher Postprocessing. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 146-166. Springer, 2011.
[114] ChangSSLL-sac02
D. Chang, J. Sung, S. H. Sung, S. Lee, and J. Lim. Full-Round Differential Attack on the Original Version of the Hash Function Proposed at PKC'98. In K. Nyberg and H. M. Heys, editors, Selected Areas in Cryptography 2002, Proceedings, volume 2595 of Lecture Notes in Computer Science, pages 160-174. Springer, 2003.
[115] ChangYSHL-acisp07
D. Chang, M. Yung, J. Sung, S. Hong, and S. Lee. Preimage Attack on the Parallel FFT-Hashing Function. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 59-67. Springer, 2007.
[116] CharlesGL-nist06
D. Charles, E. Goren, and K. Lauter. Cryptographic Hash Functions from Expander Graphs. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[117] CharlesLG-joc09
D. X. Charles, K. E. Lauter, and E. Z. Goren. Cryptographic Hash Functions from Expander Graphs. Journal of Cryptology, 22(1):93-113, 2009.
[118] CharnesP-asiacrypt94
C. Charnes and J. Pieprzyk. Attacking the SL2 Hashing Scheme. In J. Pieprzyk and R. Safavi-Naini, editors, Advances in Cryptology - ASIACRYPT '94, Proceedings, volume 917 of Lecture Notes in Computer Science, pages 322-330. Springer, 1995.
[119] ChaumHP-crypto91
D. Chaum, E. van Heijst, and B. Pfitzmann. Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer. In J. Feigenbaum, editor, Advances in Cryptology - CRYPTO '91, Proceedings, volume 576 of Lecture Notes in Computer Science, pages 470-484. Springer, 1992.
[120] ChavesKSV-ches06
R. Chaves, G. Kuzmanov, L. Sousa, and S. Vassiliadis. Improving SHA-2 Hardware Implementations. In L. Goubin and M. Matsui, editors, Cryptographic Hardware and Embedded Systems - CHES 2006, Proceedings, volume 4249 of Lecture Notes in Computer Science, pages 298-310. Springer, 2006.
[121] ChenJ-cisc07
S. Chen and C. Jin. An Improved Collision Attack on MD5 Algorithm. In D. Pei, M. Yung, D. Lin, and C. Wu, editors, Information Security and Cryptology (INSCRYPT) 2007, Proceedings, volume 4990 of Lecture Notes in Computer Science, pages 343-357. Springer, 2008.
[122] ChoPSY-icisc06
H.-S. Cho, S. Park, S. H. Sung, and A. Yun. Collision Search Attack for 53-Step HAS-160. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 286-295. Springer, 2006.
[123] ClarkeDDGS-asiacrypt03
D. E. Clarke, S. Devadas, M. van Dijk, B. Gassend, and G. E. Suh. Incremental Multiset Hash Functions and Their Application to Memory Integrity Checking. In C.-S. Laih, editor, Advances in Cryptology - ASIACRYPT 2003, Proceedings, volume 2894 of Lecture Notes in Computer Science, pages 188-207. Springer, 2003.
[124] Cohen-cs87
F. Cohen. A Cryptographic Checksum for Integrity Protection. Computers & Security, 6(6):505-510, 1987.
[125] ContiniLS-nist05
S. Contini, A. Lenstra, and R. Steinfeld. VSH, an Efficient and Provable Collision Resistant Hash Function. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[126] ContiniLS-eurocrypt06
S. Contini, A. K. Lenstra, and R. Steinfeld. VSH, an Efficient and Provable Collision-Resistant Hash Function. In S. Vaudenay, editor, Advances in Cryptology - EUROCRYPT 2006, Proceedings, volume 4004 of Lecture Notes in Computer Science, pages 165-182. Springer, 2006.
[127] ContiniMP-icics07
S. Contini, K. Matusiewicz, and J. Pieprzyk. Extending FORK-256 Attack to the Full Hash Function. In S. Qing, H. Imai, and G. Wang, editors, Information and Communications Security 2007, Proceedings, volume 4861 of Lecture Notes in Computer Science, pages 296-305. Springer, 2008.
[128] ContiniY-nist06
S. Contini and Y. L. Yin. Forgery and Partial Key Recovery Attacks on HMAC and NMAC using Hash Collisions. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[129] ContiniY-asiacrypt06
S. Contini and Y. L. Yin. Forgery and Partial Key-Recovery Attacks on HMAC and NMAC Using Hash Collisions. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 37-53. Springer, 2006.
[130] Coppersmith-crypto85
D. Coppersmith. Another Birthday Attack. In H. C. Williams, editor, Advances in Cryptology - CRYPTO '85, Proceedings, volume 218 of Lecture Notes in Computer Science, pages 14-17. Springer, 1986.
[131] CoppersmithJ-fc02
D. Coppersmith and M. Jakobsson. Almost Optimal Hash Sequence Traversal. In M. Blaze, editor, Financial Cryptography 2002, Proceedings, volume 2357 of Lecture Notes in Computer Science, pages 102-119. Springer, 2003.
[132] CoronDMP-nist05
J.-S. Coron, Y. Dodis, C. Malinaud, and Puniya. A New Design Criteria for Hash-Functions. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[133] CoronDMP-crypto05
J.-S. Coron, Y. Dodis, C. Malinaud, and P. Puniya. Merkle-Damgård Revisited: How to Construct a Hash Function. In V. Shoup, editor, Advances in Cryptology - CRYPTO 2005, Proceedings, volume 3621 of Lecture Notes in Computer Science, pages 430-448. Springer, 2005.
[134] CoronPS-crypto08
J.-S. Coron, J. Patarin, and Y. Seurin. The Random Oracle Model and the Ideal Cipher Model Are Equivalent. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 1-20. Springer, 2008.
[135] DaemenA-fse07
J. Daemen and G. V. Assche. Producing Collisions for Panama, Instantaneously. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 1-18. Springer, 2007.
[136] DaemenBGV-asiacrypt91
J. Daemen, A. Bosselaers, R. Govaerts, and J. Vandewalle. Collisions for Schnorr's Hash Function FFT-Hash Presented at Crypto '91. In H. Imai, R. L. Rivest, and T. Matsumoto, editors, Advances in Cryptology - ASIACRYPT '91, Proceedings, volume 739 of Lecture Notes in Computer Science, pages 477-480. Springer, 1993.
[137] DaemenC-fse98
J. Daemen and C. S. K. Clapp. Fast Hashing and Stream Encryption with PANAMA. In S. Vaudenay, editor, Fast Software Encryption '98, Proceedings, volume 1372 of Lecture Notes in Computer Science, pages 60-74. Springer, 1998.
[138] DaemenGV-asiacrypt91
J. Daemen, R. Govaerts, and J. Vandewalle. A Framework for the Design of One-Way Hash Functions Including Cryptanalysis of Damgård's One-Way Function Based on a Cellular Automaton. In H. Imai, R. L. Rivest, and T. Matsumoto, editors, Advances in Cryptology - ASIACRYPT '91, Proceedings, volume 739 of Lecture Notes in Computer Science, pages 82-96. Springer, 1993.
[139] Damgard-eurocrypt87
I. Damgård. Collision Free Hash Functions and Public Key Signature Schemes. In D. Chaum and W. L. Price, editors, Advances in Cryptology - EUROCRYPT '87, Proceedings, volume 304 of Lecture Notes in Computer Science, pages 203-216. Springer, 1988.
[140] Damgard-crypto89a
I. Damgård. A Design Principle for Hash Functions. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 416-427. Springer, 1990.
[141] DamgardK-eurocrypt93
I. Damgård and L. R. Knudsen. The Breaking of the AR Hash Function. In T. Helleseth, editor, Advances in Cryptology - EUROCRYPT '93, Proceedings, volume 765 of Lecture Notes in Computer Science, pages 286-292. Springer, 1994.
[142] DamgardKT-acns08
I. B. Damgård, L. R. Knudsen, and S. S. Thomsen. Dakota - Hashing from a Combination of Modular Arithmetic and Symmetric Cryptography. In S. M. Bellovin, R. Gennaro, A. D. Keromytis, and M. Yung, editors, Applied Cryptography and Network Security 2008, Proceedings, volume 5037 of Lecture Notes in Computer Science, pages 144-155. Springer, 2008.
[143] CanniereMR-sac07
C. De Cannière, F. Mendel, and C. Rechberger. Collisions for 70-Step SHA-1: On the Full Cost of Collision Search. In C. M. Adams, A. Miri, and M. J. Wiener, editors, Selected Areas in Cryptography 2007, Proceedings, volume 4876 of Lecture Notes in Computer Science, pages 56-73. Springer, 2007.
[144] CanniereR-nist06
C. De Cannière and C. Rechberger. Finding SHA-1 Characteristics. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[145] CanniereR-asiacrypt06
C. De Cannière and C. Rechberger. Finding SHA-1 Characteristics: General Results and Applications. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 1-20. Springer, 2006.
[146] CanniereR-crypto08
C. De Cannière and C. Rechberger. Preimages for Reduced SHA-0 and SHA-1. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 179-202. Springer, 2008.
[147] SantisY-eurocrypt90
A. De Santis and M. Yung. On the Design of Provably Secure Cryptographic Hash Functions. In I. Damgård, editor, Advances in Cryptology - EUROCRYPT '90, Proceedings, volume 473 of Lecture Notes in Computer Science, pages 412-431. Springer, 1991.
[148] Dean-phd
R. D. Dean. Formal Aspects of Mobile Code Security. PhD thesis, Princeton University, January 1999.
[149] DebaertG-fse01
C. Debaert and H. Gilbert. The RIPEMD and RIPEMD Improved Variants of MD4 Are Not Collision Free. In M. Matsui, editor, Fast Software Encryption 2001, Proceedings, volume 2355 of Lecture Notes in Computer Science, pages 52-65. Springer, 2002.
[150] BoerB-crypto91
B. den Boer and A. Bosselaers. An Attack on the Last Two Rounds of MD4. In J. Feigenbaum, editor, Advances in Cryptology - CRYPTO '91, Proceedings, volume 576 of Lecture Notes in Computer Science, pages 194-203. Springer, 1992.
[151] BoerB-eurocrypt93
B. den Boer and A. Bosselaers. Collisions for the Compression Function of MD5. In T. Helleseth, editor, Advances in Cryptology - EUROCRYPT '93, Proceedings, volume 765 of Lecture Notes in Computer Science, pages 293-304. Springer, 1994.
[152] DetreyGK-sacrypt10
J. Detrey, P. Gaudry, and K. Khalfallah. A Low-Area Yet Performant FPGA Implementation of Shabal. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 99-113. Springer, 2011.
[153] DiffieH-tit76
W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, IT-22(6):644-654, 1976.
[154] DingY-cisc07
J. Ding and B.-Y. Yang. Multivariates Polynomials for Hashing. In D. Pei, M. Yung, D. Lin, and C. Wu, editors, Information Security and Cryptology (INSCRYPT) 2007, Proceedings, volume 4990 of Lecture Notes in Computer Science, pages 358-371. Springer, 2008.
[155] DinurS-fse11
I. Dinur and A. Shamir. An Improved Algebraic Attack on Hamsi-256. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 88-106. Springer, 2011.
[156] Dobbertin-fse96
H. Dobbertin. Cryptanalysis of MD4. In D. Gollmann, editor, Fast Software Encryption 1996, Proceedings, volume 1039 of Lecture Notes in Computer Science, pages 53-69. Springer, 1996.
[157] Dobbertin-rsa96
H. Dobbertin. The Status of MD5 After a Recent Attack. CryptoBytes, 2(2):1-6, 1996.
[158] Dobbertin-joc97
H. Dobbertin. RIPEMD with Two-Round Compress Function is Not Collision-Free. Journal of Cryptology, 10(1):51-70, 1997.
[159] Dobbertin-joc98
H. Dobbertin. Cryptanalysis of MD4. Journal of Cryptology, 11(4):253-271, 1998.
[160] Dobbertin-fse98
H. Dobbertin. The First Two Rounds of MD4 are Not One-Way. In S. Vaudenay, editor, Fast Software Encryption '98, Proceedings, volume 1372 of Lecture Notes in Computer Science, pages 284-292. Springer, 1998.
[161] DobbertinBP-fse96
H. Dobbertin, A. Bosselaers, and B. Preneel. RIPEMD-160: A Strengthened Version of RIPEMD. In D. Gollmann, editor, Fast Software Encryption 1996, Proceedings, volume 1039 of Lecture Notes in Computer Science, pages 71-82. Springer, 1996.
[162] DodisP-acns08
Y. Dodis and P. Puniya. Getting the Best Out of Existing Hash Functions; or What if We Are Stuck with SHA? In S. M. Bellovin, R. Gennaro, A. D. Keromytis, and M. Yung, editors, Applied Cryptography and Network Security 2008, Proceedings, volume 5037 of Lecture Notes in Computer Science, pages 156-173. Springer, 2008.
[163] DodisRRS-fse09
Y. Dodis, L. Reyzin, R. L. Rivest, and E. Shen. Indifferentiability of Permutation-Based Compression Functions and Tree-Based Modes of Operation, with Applications to MD6. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 104-121. Springer, 2009.
[164] DodisRS-eurocrypt09
Y. Dodis, T. Ristenpart, and T. Shrimpton. Salvaging Merkle-Damgård for Practical Applications. In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 371-388. Springer, 2009.
[165] DodsSS-ima05
C. Dods, N. P. Smart, and M. Stam. Hash Based Digital Signature Schemes. In N. P. Smart, editor, Cryptography and Coding 2005, Proceedings, volume 3796 of Lecture Notes in Computer Science, pages 96-115. Springer, 2005.
[166] DunkelmanFGL-indocrypt09
O. Dunkelman, E. Fleischmann, M. Gorski, and S. Lucks. Related-Key Rectangle Attack of the Full HAS-160 Encryption Mode. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 157-168. Springer, 2009.
[167] EtzelPR-crypto99
M. Etzel, S. Patel, and Z. Ramzan. SQUARE HASH: Fast Message Authentication via Optimized Universal Hash Functions. In M. J. Wiener, editor, Advances in Cryptology - CRYPTO '99, Proceedings, volume 1666 of Lecture Notes in Computer Science, pages 234-251. Springer, 1999.
[168] EvansW-74
A. Evans Jr., W. Kantrowitz, and E. Weiss. A User Authentication Scheme Not Requiring Secrecy in the Computer. Communications of the ACM, 17(8):437-442, 1974.
[169] FeldhoferR-otm06
M. Feldhofer and C. Rechberger. A Case Against Currently Used Hash Functions in RFID Protocols. In R. Meersman, Z. Tari, and P. Herrero, editors, On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Proceedings, volume 4277 of Lecture Notes in Computer Science, pages 372-381. Springer, 2006.
[170] FeldmeierK-crypto89
D. C. Feldmeier and P. R. Karn. UNIX Password Security - Ten Years Later. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 44-63. Springer, 1990.
[171] Filiol-icics02
E. Filiol. A New Statistical Testing for Symmetric Ciphers and Hash Functions. In R. H. Deng, S. Qing, F. Bao, and J. Zhou, editors, Information and Communications Security 2002, Proceedings, volume 2513 of Lecture Notes in Computer Science, pages 342-353. Springer, 2002.
[172] Fischlin-ctrsa08
M. Fischlin. Security of NMAC and HMAC Based on Non-malleability. In T. Malkin, editor, Topics in Cryptology - CT-RSA 2008, Proceedings, volume 4964 of Lecture Notes in Computer Science, pages 138-154. Springer, 2008.
[173] FischlinL-crypto07
M. Fischlin and A. Lehmann. Security-Amplifying Combiners for Collision-Resistant Hash Functions. In A. Menezes, editor, Advances in Cryptology - CRYPTO 2007, Proceedings, volume 4622 of Lecture Notes in Computer Science, pages 224-243. Springer, 2007.
[174] FischlinL-tcc08
M. Fischlin and A. Lehmann. Multi-property Preserving Combiners for Hash Functions. In R. Canetti, editor, Theory of Cryptography 2008, Proceedings, volume 4948 of Lecture Notes in Computer Science, pages 375-392. Springer, 2008.
[175] FischlinLP-icalp08
M. Fischlin, A. Lehmann, and K. Pietrzak. Robust Multi-property Combiners for Hash Functions Revisited. In L. Aceto, I. Damgård, L. A. Goldberg, M. M. Halldórsson, A. Ingólfsdóttir, and I. Walukiewicz, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2008, Proceedings, volume 5126 of Lecture Notes in Computer Science, pages 655-666. Springer, 2008.
[176] FleischmannGL-fse09
E. Fleischmann, M. Gorski, and S. Lucks. On the Security of Tandem-DM. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 84-103. Springer, 2009.
[177] FleischmannGL-ima09
E. Fleischmann, M. Gorski, and S. Lucks. Security of Cyclic Double Block Length Hash Functions. In M. G. Parker, editor, Cryptography and Coding 2009, Proceedings, volume 5921 of Lecture Notes in Computer Science, pages 153-175. Springer, 2009.
[178] FouqueL-ctrsa08
P.-A. Fouque and G. Leurent. Cryptanalysis of a Hash Function Based on Quasi-cyclic Codes. In T. Malkin, editor, Topics in Cryptology - CT-RSA 2008, volume 4964 of Lecture Notes in Computer Science, pages 19-35. Springer, 2008.
[179] FouqueLRV-ches09
P.-A. Fouque, G. Leurent, D. Réal, and F. Valette. Practical Electromagnetic Template Attack on HMAC. In C. Clavier and K. Gaj, editors, Cryptographic Hardware and Embedded Systems - CHES 2009, Proceedings, volume 5747 of Lecture Notes in Computer Science, pages 66-80. Springer, 2009.
[180] FouqueSZ-sac08
P.-A. Fouque, J. Stern, and S. Zimmer. Cryptanalysis of Tweaked Versions of SMASH and Reparation. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 136-150. Springer, 2009.
[181] Fuhr-asiacrypt10
T. Fuhr. Finding Second Preimages of Short Messages for Hamsi-256. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, Proceedings, volume 6477 of Lecture Notes in Computer Science, pages 20-37. Springer, 2010.
[182] FuhrP-fse09
T. Fuhr and T. Peyrin. Cryptanalysis of RadioGatún. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 122-138. Springer, 2009.
[183] GajHR-ches10
K. Gaj, E. Homsirikamol, and M. Rogawski. Fair and Comprehensive Methodology for Comparing Hardware Performance of Fourteen Round Two SHA-3 Candidates Using FPGAs. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 264-278. Springer, 2010.
[184] GauravaramK-ctrsa08
P. Gauravaram and J. Kelsey. Linear-XOR and Additive Checksums Don't Protect Damgård-Merkle Hashes from Generic Attacks. In T. Malkin, editor, Topics in Cryptology - CT-RSA 2008, volume 4964 of Lecture Notes in Computer Science, pages 36-51. Springer, 2008.
[185] GauravaramKKT-ijisec09
P. Gauravaram, J. Kelsey, L. R. Knudsen, and S. S. Thomsen. On hash functions using checksums. International Journal of Information Security, 9(2):137-151, 2010.
[186] GauravaramK-eurocrypt09
P. Gauravaram and L. R. Knudsen. On Randomizing Hash Functions to Strengthen the Security of Digital Signatures. In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 88-105. Springer, 2009.
[187] GauravaramKBW-acisp11
P. Gauravaram, L. R. Knudsen, N. Bagheri, and L. Wei. Improved Security Analysis of Fugue-256 (Poster). In U. Parampalli and P. Hawkes, editors, Australasian Conference on Information Security and Privacy (ACISP) 2011, Proceedings, volume 6812 of Lecture Notes in Computer Science, pages 428-432. Springer, 2011.
[188] GauravaramLMNPRS-africacrypt10
P. Gauravaram, G. Leurent, F. Mendel, M. Naya-Plasencia, T. Peyrin, C. Rechberger, and M. Schläffer. Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512. In D. J. Bernstein and T. Lange, editors, Progress in Cryptology - AFRICACRYPT 2010, Proceedings, volume 6055 of Lecture Notes in Computer Science, pages 419-436. Springer, 2010.
[189] GauravaramMDV-acisp06
P. Gauravaram, W. Millan, E. Dawson, and K. Viswanathan. Constructing Secure Hash Functions by Enhancing Merkle-Damgård Construction. In L. M. Batten and R. Safavi-Naini, editors, Australasian Conference on Information Security and Privacy (ACISP) 2006, Proceedings, volume 4058 of Lecture Notes in Computer Science, pages 407-420. Springer, 2006.
[190] GauravaramO-indocrypt07
P. Gauravaram and K. Okeya. An Update on the Side Channel Cryptanalysis of MACs Based on Cryptographic Hash Functions. In K. Srinathan, C. P. Rangan, and M. Yung, editors, Progress in Cryptology - INDOCRYPT 2007, Proceedings, volume 4859 of Lecture Notes in Computer Science, pages 393-403. Springer, 2007.
[191] GazzoniBR-sbseg06
D. L. Gazzoni Filho, P. S. L. M. Barreto, and V. Rijmen. The Maelstrom-0 Hash Function. Published at 6th Brazilian Symposium on Information and Computer System Security, August 28-September 1, 2006, Santos, Brazil.
[192] GebhardtIS-nist05
M. Gebhardt, G. Illies, and W. Schindler. A Note on Practical Value of Single Hash Collisions for Special File Formats. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[193] Geiselmann-ima95
W. Geiselmann. A Note on the Hash Function of Tillich and Zémor. In C. Boyd, editor, Cryptography and Coding 1995, Proceedings, volume 1025 of Lecture Notes in Computer Science, pages 257-263. Springer, 1995.
[194] Geiselmann-fse96
W. Geiselmann. A Note on the Hash Function of Tillich and Zémor. In D. Gollmann, editor, Fast Software Encryption 1996, Proceedings, volume 1039 of Lecture Notes in Computer Science, pages 51-52. Springer, 1996.
[195] GeiselmannS-icisc07
W. Geiselmann and R. Steinwandt. Cryptanalysis of a Hash Function Proposed at ICISC 2006. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 1-10. Springer, 2007.
[196] GennaroGKT-siamcomp05
R. Gennaro, Y. Gertner, J. Katz, and L. Trevisan. Bounds on the Efficiency of Generic Cryptographic Constructions. SIAM Journal on Computing, 35(1):217-246, 2005.
[197] Gibson-90
J. K. Gibson. Some comments on Damgard's hashing principle. Electronics Letters, 26(15):1178-1179, 1990.
[198] GilbertH-sac03
H. Gilbert and H. Handschuh. Security Analysis of SHA-256 and Sisters. In M. Matsui and R. J. Zuccherato, editors, Selected Areas in Cryptography 2003, Proceedings, volume 3006 of Lecture Notes in Computer Science, pages 175-193. Springer, 2004.
[199] GilbertP-fse10
H. Gilbert and T. Peyrin. Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 365-383. Springer, 2010.
[200] Girault-eurocrypt87
M. Girault. Hash-Functions Using Modulo-N Operations. In D. Chaum and W. L. Price, editors, Advances in Cryptology - EUROCRYPT '87, Proceedings, volume 304 of Lecture Notes in Computer Science, pages 217-226. Springer, 1988.
[201] GiraultCC-eurocrypt88
M. Girault, R. Cohen, and M. Campana. A Generalized Birthday Attack. In C. G. Günther, editor, Advances in Cryptology - EUROCRYPT '88, Proceedings, volume 330 of Lecture Notes in Computer Science, pages 129-156. Springer, 1988.
[202] GligoroskiMK-nist05
D. Gligoroski, S. Markovski, and S. J. Knapskog. A Fix of the MD4 Family of Hash Functions - Quasigroup Fold. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[203] GligoroskiMK-nist06
D. Gligoroski, S. Markovski, and L. Kocarev. Edon-R Family of Cryptographic Hash Functions. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[204] GoiSC-indocrypt01
B.-M. Goi, M. U. Siddiqi, and H.-T. Chuah. Incremental Hash Function Based on Pair Chaining & Modular Arithmetic Combining. In C. P. Rangan and C. Ding, editors, Progress in Cryptology - INDOCRYPT 2001, Proceedings, volume 2247 of Lecture Notes in Computer Science, pages 50-61. Springer, 2001.
[205] Goldreich-crypto86
O. Goldreich. Two Remarks Concerning the Goldwasser-Micali-Rivest Signature Scheme. In A. M. Odlyzko, editor, Advances in Cryptology - CRYPTO '86, Proceedings, volume 263 of Lecture Notes in Computer Science, pages 104-110. Springer, 1987.
[206] GoldwasserMR-crypto84
S. Goldwasser, S. Micali, and R. L. Rivest. A "Paradoxical" Solution to the Signature Problem (Abstract). In G. R. Blakley and D. Chaum, editors, Advances in Cryptology - CRYPTO '84, Proceedings, volume 196 of Lecture Notes in Computer Science, page 467. Springer, 1985.
[207] Golic-sac00
J. D. Golic. Modes of Operation of Stream Ciphers. In D. R. Stinson and S. E. Tavares, editors, Selected Areas in Cryptography 2000, Proceedings, volume 2012 of Lecture Notes in Computer Science, pages 233-247. Springer, 2001.
[208] GongLC-dcc08
Z. Gong, X. Lai, and K. Chen. A synthetic indifferentiability analysis of some block-cipher-based hash functions. Designs, Codes and Cryptography, 48(3):293-305, 2008.
[209] GorskiLP-asiacrypt08
M. Gorski, S. Lucks, and T. Peyrin. Slide Attacks on a Class of Hash Functions. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 143-160. Springer, 2008.
[210] GrasslIMS-joc11
M. Grassl, I. Ilic, S. S. Magliveras, and R. Steinwandt. Cryptanalysis of the Tillich-Zémor Hash Function. Journal of Cryptology, 24(1):148-156, 2011.
[211] GrembowskiLGNBFLS-isw02
T. Grembowski, R. Lien, K. Gaj, N. Nguyen, P. Bellows, J. Flidr, T. Lehman, and B. Schott. Comparative Analysis of the Hardware Implementations of Hash Functions SHA-1 and SHA-512. In A. H. Chan and V. D. Gligor, editors, Information Security Conference (ISC) 2002, Proceedings, volume 2433 of Lecture Notes in Computer Science, pages 75-89. Springer, 2002.
[212] GueronK-isw08
S. Gueron and M. E. Kounavis. Vortex: A New Family of One-Way Hash Functions Based on AES Rounds and Carry-Less Multiplication. In T.-C. Wu, C.-L. Lei, V. Rijmen, and D.-T. Lee, editors, Information Security Conference (ISC) 2008, Proceedings, volume 5222 of Lecture Notes in Computer Science, pages 331-340. Springer, 2008.
[213] GuoLRW-asiacrypt10
J. Guo, S. Ling, C. Rechberger, and H. Wang. Advanced Meet-in-the-Middle Preimage Attacks: First Results on Full Tiger, and Improved Results on MD4 and SHA-2. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, Proceedings, volume 6477 of Lecture Notes in Computer Science, pages 56-75. Springer, 2010.
[214] GuoMKLW-sac09
J. Guo, K. Matusiewicz, L. R. Knudsen, S. Ling, and H. Wang. Practical Pseudo-collisions for Hash Functions ARIRANG-224/384. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 141-156. Springer, 2009.
[215] GuoPP-crypto11
J. Guo, T. Peyrin, and A. Poschmann. The PHOTON Family of Lightweight Hash Functions. In P. Rogaway, editor, Advances in Cryptology - CRYPTO 2011, Proceedings, volume 6841 of Lecture Notes in Computer Science, pages 222-239. Springer, 2011.
[216] GuoT-sacrypt10
J. Guo and S. S. Thomsen. Deterministic Differential Properties of the Compression Function of BMW. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 338-350. Springer, 2011.
[217] HaleviK-nist05
S. Halevi and H. Krawczyk. Strengthening Digital Signatures via Randomized Hashing. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[218] HaleviK-nist06
S. Halevi and H. Krawczyk. Update on Randomized Hashing. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[219] HaleviK-crypto06
S. Halevi and H. Krawczyk. Strengthening Digital Signatures Via Randomized Hashing. In C. Dwork, editor, Advances in Cryptology - CRYPTO 2006, Proceedings, volume 4117 of Lecture Notes in Computer Science, pages 41-59. Springer, 2006.
[220] HallWKS-crypto98
C. Hall, D. Wagner, J. Kelsey, and B. Schneier. Building PRFs from PRPs. In H. Krawczyk, editor, Advances in Cryptology - CRYPTO '98, Proceedings, volume 1462 of Lecture Notes in Computer Science, pages 370-389. Springer, 1998.
[221] HanPC-fse02
D. Han, S. Park, and S. Chee. Cryptanalysis of the Modified Version of the Hash Function Proposed at PKC'98. In J. Daemen and V. Rijmen, editors, Fast Software Encryption 2002, Proceedings, volume 2365 of Lecture Notes in Computer Science, pages 252-262. Springer, 2002.
[222] HandschuhKR-ctrsa01
H. Handschuh, L. R. Knudsen, and M. J. B. Robshaw. Analysis of SHA-1 in Encryption Mode. In D. Naccache, editor, Topics in Cryptology - CT-RSA 2001, Proceedings, volume 2020 of Lecture Notes in Computer Science, pages 70-83. Springer, 2001.
[223] HandschuhP-crypto08
H. Handschuh and B. Preneel. Key-Recovery Attacks on Universal Hash Function Based MAC Algorithms. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 144-161. Springer, 2008.
[224] Harari-ima97
S. Harari. HCC: A Hash Function Using Error Correcting Codes. In M. Darnell, editor, Cryptography and Coding 1997, Proceedings, volume 1355 of Lecture Notes in Computer Science, pages 110-117. Springer, 1997.
[225] HattoriHY-ima03
M. Hattori, S. Hirose, and S. Yoshida. Analysis of Double Block Length Hash Functions. In K. G. Paterson, editor, Cryptography and Coding 2003, Proceedings, volume 2898 of Lecture Notes in Computer Science, pages 290-302. Springer, 2003.
[226] HawkesPR-nist06
P. Hawkes, M. Paddon, and G. Rose. Automated Search for Round 1 Differentials for SHA-1: Work in Progress. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[227] HellesethJ-crypto96
T. Helleseth and T. Johansson. Universal Hash Functions from Exponential Sums over Finite Fields and Galois Rings. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 31-44. Springer, 1996.
[228] Hellman-tit80
M. E. Hellman. A Cryptanalytic Time-Memory Trade-Off. IEEE Transactions on Information Theory, IT-26(4):401-406, 1980.
[229] HengK-acisp03
S.-H. Heng and K. Kurosawa. Square Hash with a Small Key Size. In R. Safavi-Naini and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2003, Proceedings, volume 2727 of Lecture Notes in Computer Science, pages 522-531. Springer, 2003.
[230] HenricksenK-sac07
M. Henricksen and L. R. Knudsen. Cryptanalysis of the CRUSH Hash Function. In C. M. Adams, A. Miri, and M. J. Wiener, editors, Selected Areas in Cryptography 2007, Proceedings, volume 4876 of Lecture Notes in Computer Science, pages 74-83. Springer, 2007.
[231] HenzenGGPZG-ches10
L. Henzen, P. Gendotti, P. Guillet, E. Pargaetzi, M. Zoller, and F. K. Gürkaynak. Developing a Hardware Evaluation Method for SHA-3 Candidates. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 248-263. Springer, 2010.
[232] Herzberg-ctrsa05
A. Herzberg. On Tolerant Cryptographic Constructions. In A. Menezes, editor, Topics in Cryptology - CT-RSA 2005, Proceedings, volume 3376 of Lecture Notes in Computer Science, pages 172-190. Springer, 2005.
[233] HilewitzYL-fse08
Y. Hilewitz, Y. L. Yin, and R. B. Lee. Accelerating the Whirlpool Hash Function Using Parallel Table Lookup and Fast Cyclical Permutation. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 173-188. Springer, 2008.
[234] HiraiKMTY-nist06
Y. Hirai, T. Kurokawa, S. Matsuo, H. Tanaka, and A. Yamamura. Classification of Hash Functions Suitable for Real-life Systems. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[235] HiraiKMTY-ieicet08
Y. Hirai, T. Kurokawa, S. Matsuo, H. Tanaka, and A. Yamamura. Classification of Hash Functions Suitable for Real-Life Systems. IEICE Transactions, 91-A(1):64-73, 2008.
[236] Hirose-nist06
S. Hirose. How to Construct Double-Block-Length Hash Functions. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[237] Hirose-sac02
S. Hirose. Secure Block Ciphers Are Not Sufficient for One-Way Hash Functions in the Preneel-Govaerts-Vandewalle Model. In K. Nyberg and H. M. Heys, editors, Selected Areas in Cryptography 2002, Proceedings, volume 2595 of Lecture Notes in Computer Science, pages 339-352. Springer, 2003.
[238] Hirose-icisc03
S. Hirose. Yet Another Definition of Weak Collision Resistance and Its Analysis. In J. I. Lim and D. H. Lee, editors, Information Security and Cryptology - ICISC 2003, Proceedings, volume 2971 of Lecture Notes in Computer Science, pages 87-96. Springer, 2004.
[239] Hirose-icisc04
S. Hirose. Provably Secure Double-Block-Length Hash Functions in a Black-Box Model. In C. Park and S. Chee, editors, Information Security and Cryptology - ICISC 2004, Proceedings, volume 3506 of Lecture Notes in Computer Science, pages 330-342. Springer, 2005.
[240] Hirose-ieicet05
S. Hirose. Weak Security Notions of Cryptographic Unkeyed Hash Functions and Their Amplifiability. IEICE Transactions, 88-A(1):33-38, 2005.
[241] Hirose-fse06
S. Hirose. Some Plausible Constructions of Double-Block-Length Hash Functions. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 210-225. Springer, 2006.
[242] Hirose-ieicet08
S. Hirose. Collision Resistance of Double-Block-Length Hash Function against Free-Start Attack. IEICE Transactions, 91-A(1):74-82, 2008.
[243] HiroseK-sac08
S. Hirose and H. Kuwakado. A Scheme to Base a Hash Function on a Block Cipher. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 262-275. Springer, 2009.
[244] HirosePY-asiacrypt07
S. Hirose, J. H. Park, and A. Yun. A Simple Variant of the Merkle-Damgård Scheme with a Permutation. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 113-129. Springer, 2007.
[245] HochS-fse06
J. J. Hoch and A. Shamir. Breaking the ICE - Finding Multicollisions in Iterated Concatenated and Expanded (ICE) Hash Functions. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 179-194. Springer, 2006.
[246] HochS-icalp08
J. J. Hoch and A. Shamir. On the Strength of the Concatenated Hash Combiner When All the Hash Functions Are Weak. In L. Aceto, I. Damgård, L. A. Goldberg, M. M. Halldórsson, A. Ingólfsdóttir, and I. Walukiewicz, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2008, Proceedings, volume 5126 of Lecture Notes in Computer Science, pages 616-630. Springer, 2008.
[247] HofheinzK-crypto08
D. Hofheinz and E. Kiltz. Programmable Hash Functions and Their Applications. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 21-38. Springer, 2008.
[248] HohlLMW-crypto93
W. Hohl, X. Lai, T. Meier, and C. Waldvogel. Security of Iterated Hash Functions Based on Block Ciphers. In D. R. Stinson, editor, Advances in Cryptology - CRYPTO '93, Proceedings, volume 773 of Lecture Notes in Computer Science, pages 379-390. Springer, 1994.
[249] HongCSLHLMC-fse06
D. Hong, D. Chang, J. Sung, S. Lee, S. Hong, J. Lee, D. Moon, and S. Chee. A New Dedicated 256-Bit Hash Function: FORK-256. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 195-209. Springer, 2006.
[250] HongKKK-icisc09
D. Hong, B. Koo, W.-H. Kim, and D. Kwon. Preimage Attacks on Reduced Steps of ARIRANG and PKC98-Hash. In D. Lee and S. Hong, editors, Information Security and Cryptology - ICISC 2009, Proceedings, volume 5984 of Lecture Notes in Computer Science, pages 315-331. Springer, 2010.
[251] HongKS-icisc09
D. Hong, B. Koo, and Y. Sasaki. Improved Preimage Attack for 68-Step HAS-160. In D. Lee and S. Hong, editors, Information Security and Cryptology - ICISC 2009, Proceedings, volume 5984 of Lecture Notes in Computer Science, pages 332-348. Springer, 2010.
[252] HongPL-asiacrypt04
D. Hong, B. Preneel, and S. Lee. Higher Order Universal One-Way Hash Functions. In P. J. Lee, editor, Advances in Cryptology - ASIACRYPT 2004, Proceedings, volume 3329 of Lecture Notes in Computer Science, pages 201-213. Springer, 2004.
[253] HongSHL-indocrypt05
D. Hong, J. Sung, S. Hong, and S. Lee. How to Construct Universal One-Way Hash Functions of Order r. In S. Maitra, C. E. V. Madhavan, and R. Venkatesan, editors, Progress in Cryptology - INDOCRYPT 2005, Proceedings, volume 3797 of Lecture Notes in Computer Science, pages 63-76. Springer, 2005.
[254] HongSHLM-nist05
D. Hong, J. Sung, S. Hong, S. Lee, and D. Moon. A New Dedicated 256-bit Hash Function: FORK-256. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[255] HsiaoR-crypto04
C.-Y. Hsiao and L. Reyzin. Finding Collisions on a Public Road, or Do Secure Hash Functions Need Secret Coins? In M. K. Franklin, editor, Advances in Cryptology - CRYPTO 2004, Proceedings, volume 3152 of Lecture Notes in Computer Science, pages 92-105. Springer, 2004.
[256] CohenH-cs88
Y. J. Huang and F. Cohen. Some Weak Points of One Fast Cryptographic Checksum Algorithm and its Improvement. Computers & Security, 7(5):503-505, 1988.
[257] IdeguchiTP-isw10
K. Ideguchi, E. Tischhauser, and B. Preneel. Improved Collision Attacks on the Reduced-Round Grøstl Hash Function. In M. Burmester, G. Tsudik, S. S. Magliveras, and I. Ilic, editors, Information Security Conference (ISC) 2010, Proceedings, volume 6531 of Lecture Notes in Computer Science, pages 1-16. Springer, 2011.
[258] IdeguchiW-indocrypt09
K. Ideguchi and D. Watanabe. Second Preimage Attack on SHAMATA-512. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 169-181. Springer, 2009.
[259] ImpagliazzoLL-stoc89
R. Impagliazzo, L. A. Levin, and M. Luby. Pseudo-random Generation from one-way functions (Extended Abstracts). In 21st Annual ACM Symposium on Theory of Computing 1989, Proceedings, pages 12-24. ACM, 1989.
[260] IndesteegeMPR-sac08
S. Indesteege, F. Mendel, B. Preneel, and C. Rechberger. Collisions and Other Non-random Properties for Step-Reduced SHA-256. In R. Avanzi, L. Keliher, and F. Sica, editors, Selected Areas in Cryptography 2008, Proceedings, volume 5381 of Lecture Notes in Computer Science, pages 276-293. Springer, 2009.
[261] IndesteegeMPS-sac09
S. Indesteege, F. Mendel, B. Preneel, and M. Schläffer. Practical Collisions for SHAMATA-256. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 1-15. Springer, 2009.
[262] IndesteegeP-isw08
S. Indesteege and B. Preneel. Collisions for RC4-Hash. In T.-C. Wu, C.-L. Lei, V. Rijmen, and D.-T. Lee, editors, Information Security Conference (ISC) 2008, Proceedings, volume 5222 of Lecture Notes in Computer Science, pages 355-366. Springer, 2008.
[263] IndesteegeP-fse09
S. Indesteege and B. Preneel. Practical Collisions for EnRUPT. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 246-259. Springer, 2009.
[264] IndesteegeP-joc11
S. Indesteege and B. Preneel. Practical Collisions for EnRUPT. Journal of Cryptology, 24(1):1-23, 2011.
[265] InoueS-pkc00
T. Inoue and K. Sakurai. Making Hash Functions From Block Ciphers Secure and Efficient by Using Convolutional Codes. In H. Imai and Y. Zheng, editors, Public Key Cryptography 2000, Proceedings, volume 1751 of Lecture Notes in Computer Science, pages 391-404. Springer, 2000.
[266] IshaiKO-tcc05
Y. Ishai, E. Kushilevitz, and R. Ostrovsky. Sufficient Conditions for Collision-Resistant Hashing. In J. Kilian, editor, Theory of Cryptography 2005, Proceedings, volume 3378 of Lecture Notes in Computer Science, pages 445-456. Springer, 2005.
[267] IsobeS-fse09
T. Isobe and K. Shibutani. Preimage Attacks on Reduced Tiger and SHA-2. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 139-155. Springer, 2009.
[268] JakobssonLMS-ctrsa03
M. Jakobsson, F. T. Leighton, S. Micali, and M. Szydlo. Fractal Merkle Tree Representation and Traversal. In M. Joye, editor, Topics in Cryptology - CT-RSA 2003, Proceedings, volume 2612 of Lecture Notes in Computer Science, pages 314-326. Springer, 2003.
[269] JeanF-fse11
J. Jean and P.-A. Fouque. Practical Near-Collisions and Collisions on Round-Reduced ECHO-256 Compression Function. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 107-127. Springer, 2011.
[270] Johansson-eurocrypt97
T. Johansson. Bucket Hashing with a Small Key Size. In W. Fumy, editor, Advances in Cryptology - EUROCRYPT '97, Proceedings, volume 1233 of Lecture Notes in Computer Science, pages 149-162. Springer, 1997.
[271] JoscakT-icisc06
D. Joscák and J. Tuma. Multi-block Collisions in Hash Functions Based on 3C and 3C+ Enhancements of the Merkle-Damgård Construction. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 257-266. Springer, 2006.
[272] Joux-crypto04
A. Joux. Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. In M. K. Franklin, editor, Advances in Cryptology - CRYPTO 2004, Proceedings, volume 3152 of Lecture Notes in Computer Science, pages 306-316. Springer, 2004.
[273] JouxG-eurocrypt94
A. Joux and L. Granboulan. A Practical Attack against Knapsack based Hash Functions (Extended Abstract). In A. D. Santis, editor, Advances in Cryptology - EUROCRYPT '94, Proceedings, volume 950 of Lecture Notes in Computer Science, pages 58-66. Springer, 1995.
[274] JouxL-asiacrypt09
A. Joux and S. Lucks. Improved Generic Algorithms for 3-Collisions. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 347-363. Springer, 2009.
[275] JouxP-crypto07
A. Joux and T. Peyrin. Hash Functions and the (Amplified) Boomerang Attack. In A. Menezes, editor, Advances in Cryptology - CRYPTO 2007, Proceedings, volume 4622 of Lecture Notes in Computer Science, pages 244-263. Springer, 2007.
[276] Jueneman-crypto86
R. R. Jueneman. A High Speed Manipulation Detection Code. In A. M. Odlyzko, editor, Advances in Cryptology - CRYPTO '86, Proceedings, volume 263 of Lecture Notes in Computer Science, pages 327-346. Springer, 1987.
[277] JuenemanMM-83
R. R. Jueneman, S. M. Matyas, and C. H. Meyer. Message Authentication With Manipulation Detection Codes. In Symposium on Security and Privacy 1983, Proceedings, pages 33-54. IEEE, 1983.
[278] JuenemanMM-85
R. R. Jueneman, S. M. Matyas, and C. H. Meyer. Message authentication. IEEE Communications Magazine, 23(9):29-40, 1985.
[279] JutlaP-nist05
C. S. Jutla and A. C. Patthak. A Simple and Provable Good Code for SHA Message Expansion. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[280] JutlaP-sac06
C. S. Jutla and A. C. Patthak. Provably Good Codes for Hash Function Design. In E. Biham and A. M. Youssef, editors, Selected Areas in Cryptography 2006, Proceedings, volume 4356 of Lecture Notes in Computer Science, pages 376-393. Springer, 2007.
[281] Kaliski-eurocrypt90
B. S. Kaliski Jr. The MD4 Message Digest Algorithm (Abstract). In I. Damgård, editor, Advances in Cryptology - EUROCRYPT '90, Proceedings, volume 473 of Lecture Notes in Computer Science, page 492. Springer, 1991.
[282] Kaliski-ctrsa02
B. S. Kaliski Jr. On Hash Function Firewalls in Signature Schemes. In B. Preneel, editor, Topics in Cryptology - CT-RSA 2002, Proceedings, volume 2271 of Lecture Notes in Computer Science, pages 1-16. Springer, 2002.
[283] KaliskiR-rsa95
B. S. Kaliski Jr. and M. Robshaw. Message Authentication with MD5. CryptoBytes, 1(1):5-8, 1995.
[284] KasselmanP-el00
P. R. Kasselman and W. T. Penzhorn. Cryptanalysis of reduced version of HAVAL. Electronics Letters, 36(1):30-31, 2000.
[285] KauerSZ-nist05
N. Kauer, T. Suarez, and Y. Zheng. Enhancing the MD-Strengthening and Designing Scalable Families of One-Way Hash Algorithms. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[286] Kelsey-nist05a
J. Kelsey. New Attacks? Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[287] Kelsey-nist05
J. Kelsey. Truncation Mode for SHA. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[288] KelseyK-nist05
J. Kelsey and T. Kohno. Herding Hash Functions and the Nostradamus Attack. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[289] KelseyK-eurocrypt06
J. Kelsey and T. Kohno. Herding Hash Functions and the Nostradamus Attack. In S. Vaudenay, editor, Advances in Cryptology - EUROCRYPT 2006, Proceedings, volume 4004 of Lecture Notes in Computer Science, pages 183-200. Springer, 2006.
[290] KelseyL-fse06
J. Kelsey and S. Lucks. Collisions and Near-Collisions for Reduced-Round Tiger. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 111-125. Springer, 2006.
[291] KelseyS-eurocrypt05
J. Kelsey and B. Schneier. Second Preimages on n-Bit Hash Functions for Much Less than 2n Work. In R. Cramer, editor, Advances in Cryptology - EUROCRYPT 2005, Proceedings, volume 3494 of Lecture Notes in Computer Science, pages 474-490. Springer, 2005.
[292] KhazaeiKMS-africacrypt10
S. Khazaei, S. Knellwolf, W. Meier, and D. Stefan. Improved Linear Differential Attacks on CubeHash. In D. J. Bernstein and T. Lange, editors, Progress in Cryptology - AFRICACRYPT 2010, Proceedings, volume 6055 of Lecture Notes in Computer Science, pages 407-418. Springer, 2010.
[293] Khovratovich-indocrypt08
D. Khovratovich. Two Attacks on RadioGatún. In D. R. Chowdhury, V. Rijmen, and A. Das, editors, Progress in Cryptology - INDOCRYPT 2008, Proceedings, volume 5365 of Lecture Notes in Computer Science, pages 53-66. Springer, 2008.
[294] Khovratovich-sac09
D. Khovratovich. Cryptanalysis of Hash Functions with Structures. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 108-125. Springer, 2009.
[295] KhovratovichBN-ctrsa09
D. Khovratovich, A. Biryukov, and I. Nikolic. Speeding up Collision Search for Byte-Oriented Hash Functions. In M. Fischlin, editor, Topics in Cryptology - CT-RSA 2009, Proceedings, volume 5473 of Lecture Notes in Computer Science, pages 164-181. Springer, 2009.
[296] KhovratovichNRS-sacrypt10
D. Khovratovich, M. Naya-Plasencia, A. Röck, and M. Schläffer. Cryptanalysis of Luffa v2 Components. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 388-409. Springer, 2011.
[297] KhovratovichN-fse10
D. Khovratovich and I. Nikolic. Rotational Cryptanalysis of ARX. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 333-346. Springer, 2010.
[298] KhovratovichNR-asiacrypt10
D. Khovratovich, I. Nikolic, and C. Rechberger. Rotational Rebound Attacks on Reduced Skein. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, Proceedings, volume 6477 of Lecture Notes in Computer Science, pages 1-19. Springer, 2010.
[299] KhovratovichNW-fse09
D. Khovratovich, I. Nikolic, and R.-P. Weinmann. Meet-in-the-Middle Attacks on SHA-3 Candidates. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 228-245. Springer, 2009.
[300] KlimovS-fse05
A. Klimov and A. Shamir. New Applications of T-Functions in Block Ciphers and Hash Functions. In H. Gilbert and H. Handschuh, editors, Fast Software Encryption 2005, Proceedings, volume 3557 of Lecture Notes in Computer Science, pages 18-31. Springer, 2005.
[301] Knudsen-fse05
L. R. Knudsen. SMASH - A Cryptographic Hash Function. In H. Gilbert and H. Handschuh, editors, Fast Software Encryption 2005, Proceedings, volume 3557 of Lecture Notes in Computer Science, pages 228-242. Springer, 2005.
[302] KnudsenL-eurocrypt94
L. R. Knudsen and X. Lai. New Attacks on all Double Block Length Hash Functions of Hash Rate 1, including the Parallel-DM. In A. De Santis, editor, Advances in Cryptology - EUROCRYPT '94, Proceedings, volume 950 of Lecture Notes in Computer Science, pages 410-418. Springer, 1995.
[303] KnudsenLP-joc98
L. R. Knudsen, X. Lai, and B. Preneel. Attacks on Fast Double Block Length Hash Functions. Journal of Cryptology, 11(1):59-72, 1998.
[304] KnudsenM-fse05
L. R. Knudsen and J. E. Mathiassen. Preimage and Collision Attacks on MD2. In H. Gilbert and H. Handschuh, editors, Fast Software Encryption 2005, Proceedings, volume 3557 of Lecture Notes in Computer Science, pages 255-267. Springer, 2005.
[305] KnudsenMMT-joc10
L. R. Knudsen, J.-E. Mathiassen, F. Muller, and S. S. Thomsen. Cryptanalysis of MD2. Journal of Cryptology, 23(1):72-90, 2010.
[306] KnudsenMRT-eurocrypt09
L. R. Knudsen, F. Mendel, C. Rechberger, and S. S. Thomsen. Cryptanalysis of MDC-2. In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 106-120. Springer, 2009.
[307] KnudsenM-asiacrypt05
L. R. Knudsen and F. Muller. Some Attacks Against a Double Length Hash Proposal. In B. K. Roy, editor, Advances in Cryptology - ASIACRYPT 2005, Proceedings, volume 3788 of Lecture Notes in Computer Science, pages 462-473. Springer, 2005.
[308] KnudsenP-asiacrypt96
L. R. Knudsen and B. Preneel. Hash Functions Based on Block Ciphers and Quaternary Codes. In K. Kim and T. Matsumoto, editors, Advances in Cryptology - ASIACRYPT '96, Proceedings, volume 1163 of Lecture Notes in Computer Science, pages 77-90. Springer, 1996.
[309] KnudsenP-crypto97
L. R. Knudsen and B. Preneel. Fast and Secure Hashing Based on Codes. In B. S. Kaliski Jr., editor, Advances in Cryptology - CRYPTO '97, Proceedings, volume 1294 of Lecture Notes in Computer Science, pages 485-498. Springer, 1997.
[310] KnudsenP-tit02
L. R. Knudsen and B. Preneel. Construction of secure and fast hash functions using nonbinary error-correcting codes. IEEE Transactions on Information Theory, 48(9):2524-2539, 2002.
[311] KnudsenRT-fse07
L. R. Knudsen, C. Rechberger, and S. S. Thomsen. The Grindahl Hash Functions. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 39-57. Springer, 2007.
[312] KnudsenT-secrypt06
L. R. Knudsen and S. S. Thomsen. Proposals for Iterated Hash Functions. In M. Malek, E. Fernández-Medina, and J. Hernando, editors, SECRYPT 2006, Proceedings, pages 246-253. INSTICC Press, 2006.
[313] Krawczyk-crypto94
H. Krawczyk. LFSR-based Hashing and Authentication. In Y. Desmedt, editor, Advances in Cryptology - CRYPTO '94, Proceedings, volume 839 of Lecture Notes in Computer Science, pages 129-139. Springer, 1994.
[314] Krawczyk-eurocrypt95
H. Krawczyk. New Hash Functions For Message Authentication. In L. C. Guillou and J.-J. Quisquater, editors, Advances in Cryptology - EUROCRYPT '95, Proceedings, volume 921 of Lecture Notes in Computer Science, pages 301-310. Springer, 1995.
[315] KumarSGSN-indocrypt10
A. Kumar, S. K. Sanadhya, P. Gauravaram, M. Safkhani, and M. Naderi. Cryptanalysis of Tav-128 Hash Function. In G. Gong and K. C. Gupta, editors, Progress in Cryptology - INDOCRYPT 2010, Proceedings, volume 6498 of Lecture Notes in Computer Science, pages 118-130. Springer, 2010.
[316] KuwakadoM-ieicet07
H. Kuwakado and M. Morii. Indifferentiability of Single-Block-Length and Rate-1 Compression Functions. IEICE Transactions, 90-A(10):2301-2308, 2007.
[317] LaiK-fse93
X. Lai and L. R. Knudsen. Attacks on Double Block Length Hash Functions. In R. J. Anderson, editor, Fast Software Encryption 1993, Proceedings, volume 809 of Lecture Notes in Computer Science, pages 157-165. Springer, 1994.
[318] LaiM-eurocrypt92
X. Lai and J. L. Massey. Hash Functions Based on Block Ciphers. In R. A. Rueppel, editor, Advances in Cryptology - EUROCRYPT '92, Proceedings, volume 658 of Lecture Notes in Computer Science, pages 55-70. Springer, 1993.
[319] LaiRW-asiacrypt92
X. Lai, R. A. Rueppel, and J. Woollven. A Fast Cryptographic Checksum Algorithm Based on Stream Ciphers. In J. Seberry and Y. Zheng, editors, Advances in Cryptology - ASIACRYPT '92, Proceedings, volume 718 of Lecture Notes in Computer Science, pages 339-348. Springer, 1993.
[320] LambergerM-isc09
M. Lamberger and F. Mendel. Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n. In P. Samarati, M. Yung, F. Martinelli, and C. A. Ardagna, editors, Information Security Conference (ISC) 2009, Proceedings, volume 5735 of Lecture Notes in Computer Science, pages 68-78. Springer, 2009.
[321] LambergerMRRS-asiacrypt09
M. Lamberger, F. Mendel, C. Rechberger, V. Rijmen, and M. Schläffer. Rebound Distinguishers: Results on the Full Whirlpool Compression Function. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 126-143. Springer, 2009.
[322] LambergerPRR-ctrsa07
M. Lamberger, N. Pramstaller, C. Rechberger, and V. Rijmen. Second Preimages for SMASH. In M. Abe, editor, Topics in Cryptology - CT-RSA 2007, Proceedings, volume 4377 of Lecture Notes in Computer Science, pages 101-111. Springer, 2007.
[323] LeeCKSH-fse08
E. Lee, D. Chang, J. Kim, J. Sung, and S. Hong. Second Preimage Attack on 3-Pass HAVAL and Partial Key-Recovery Attacks on HMAC/NMAC-3-Pass HAVAL. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 189-206. Springer, 2008.
[324] LeeCKLHSH-nist05
J. Lee, D. Chang, H. Kim, E. Lee, D. Hong, J. Sung, and S. Hong. A New 256-bit Hash Function DHA-256 - Enhancing the Security of SHA-256. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[325] LeeS-ctrsa11
J. Lee and M. Stam. MJH: A Faster Alternative to MDC-2. In A. Kiayias, editor, Topics in Cryptology - CT-RSA 2011, Proceedings, volume 6558 of Lecture Notes in Computer Science, pages 213-236. Springer, 2011.
[326] LeeSS-crypto11
J. Lee, M. Stam, and J. P. Steinberger. The Collision Security of Tandem-DM in the Ideal Cipher Model. In P. Rogaway, editor, Advances in Cryptology - CRYPTO 2011, Proceedings, volume 6841 of Lecture Notes in Computer Science, pages 561-577. Springer, 2011.
[327] LeeS-eurocrypt10
J. Lee and J. P. Steinberger. Multi-property-preserving Domain Extension Using Polynomial-Based Modes of Operation. In H. Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, Proceedings, volume 6110 of Lecture Notes in Computer Science, pages 573-596. Springer, 2010.
[328] LeeCLSN-asiacrypt03
W. Lee, D. Chang, S. Lee, S. H. Sung, and M. Nandi. New Parallel Domain Extenders for UOWHF. In C.-S. Laih, editor, Advances in Cryptology - ASIACRYPT 2003, Proceedings, volume 2894 of Lecture Notes in Computer Science, pages 208-227. Springer, 2003.
[329] LeeNSCLS-ieicet05
W. Lee, M. Nandi, P. Sarkar, D. Chang, S. Lee, and K. Sakurai. PGV-Style Block-Cipher-Based Hash Families and Black-Box Analysis. IEICE Transactions, 88-A(1):39-48, 2005.
[330] LeeCV-asap06
Y. K. Lee, H. Chan, and I. Verbauwhede. Throughput Optimized SHA-1 Architecture Using Unfolding Transformation. In 2006 IEEE International Conference on Application-Specific Systems, Proceedings, pages 354-359. IEEE Computer Society, 2006.
[331] LehmannT-asiacrypt09
A. Lehmann and S. Tessaro. A Modular Design for Hash Functions: Towards Making the Mix-Compress-Mix Approach Practical. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 364-381. Springer, 2009.
[332] LenstraW-acisp05
A. K. Lenstra and B. de Weger. On the Possibility of Constructing Meaningful Hash Collisions for Public Keys. In C. Boyd and J. M. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2005, Proceedings, volume 3574 of Lecture Notes in Computer Science, pages 267-279. Springer, 2005.
[333] LenstraPS-vietcrypt06
A. K. Lenstra, D. Page, and M. Stam. Discrete Logarithm Variants of VSH. In P. Q. Nguyen, editor, Progress in Cryptology - VIETCRYPT 2006, Proceedings, volume 4341 of Lecture Notes in Computer Science, pages 229-242. Springer, 2006.
[334] Leurent-fse07
G. Leurent. Message Freedom in MD4 and MD5 Collisions: Application to APOP. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 309-328. Springer, 2007.
[335] Leurent-fse08
G. Leurent. MD4 is Not One-Way. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 412-428. Springer, 2008.
[336] Leurent-ctrsa10
G. Leurent. Practical Key Recovery Attack against Secret-IV Edon-R. In J. Pieprzyk, editor, Topics in Cryptology - CT-RSA 2010, Proceedings, volume 5985 of Lecture Notes in Computer Science, pages 334-349. Springer, 2010.
[337] LeurentN-crypto09
G. Leurent and P. Q. Nguyen. How Risky Is the Random-Oracle Model? In S. Halevi, editor, Advances in Cryptology - CRYPTO 2009, Proceedings, volume 5677 of Lecture Notes in Computer Science, pages 445-464. Springer, 2009.
[338] LeurentT-fse11
G. Leurent and S. S. Thomsen. Practical Near-Collisions on the Compression Function of BMW. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 238-251. Springer, 2011.
[339] Levin-stoc85
L. A. Levin. One-Way Functions and Pseudorandom Generators. In 17th Annual ACM Symposium on Theory of Computing, Proceedings, pages 363-365. ACM, 1985.
[340] LienGG-ctrsa04
R. Lien, T. Grembowski, and K. Gaj. A 1 Gbit/s Partially Unrolled Architecture of Hash Functions SHA-1 and SHA-512. In T. Okamoto, editor, Topics in Cryptology - CT-RSA 2004, Proceedings, volume 2964 of Lecture Notes in Computer Science, pages 324-338. Springer, 2004.
[341] Liskov-sac06
M. Liskov. Constructing an Ideal Hash Function from Weak Ideal Compression Functions. In E. Biham and A. M. Youssef, editors, Selected Areas in Cryptography 2006, Proceedings, volume 4356 of Lecture Notes in Computer Science, pages 358-375. Springer, 2007.
[342] LiskovRW-crypto02
M. Liskov, R. L. Rivest, and D. Wagner. Tweakable Block Ciphers. In M. Yung, editor, Advances in Cryptology - CRYPTO 2002, Proceedings, volume 2442 of Lecture Notes in Computer Science, pages 31-46. Springer, 2002.
[343] LubyR-crypto87
M. Luby and C. Rackoff. A Study of Password Security. In C. Pomerance, editor, Advances in Cryptology - CRYPTO '87, Proceedings, volume 293 of Lecture Notes in Computer Science, pages 392-397. Springer, 1988.
[344] Lucks-asiacrypt05
S. Lucks. A Failure-Friendly Design Principle for Hash Functions. In B. K. Roy, editor, Advances in Cryptology - ASIACRYPT 2005, Proceedings, volume 3788 of Lecture Notes in Computer Science, pages 474-494. Springer, 2005.
[345] LyubashevskyM-icalp06
V. Lyubashevsky and D. Micciancio. Generalized Compact Knapsacks Are Collision Resistant. In M. Bugliesi, B. Preneel, V. Sassone, and I. Wegener, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2006, Proceedings, volume 4052 of Lecture Notes in Computer Science, pages 144-155. Springer, 2006.
[346] LyubashevskyMPR-nist06
V. Lyubashevsky, D. Micciancio, C. Peikert, and A. Rosen. Provably Secure FFT Hashing. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[347] LyubashevskyMPR-fse08
V. Lyubashevsky, D. Micciancio, C. Peikert, and A. Rosen. SWIFFT: A Modest Proposal for FFT Hashing. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 54-72. Springer, 2008.
[348] ManuelP-fse08
S. Manuel and T. Peyrin. Collisions on SHA-0 in One Hour. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 16-35. Springer, 2008.
[349] MashatanS-ijisec09
A. Mashatan and D. R. Stinson. Interactive two-channel message authentication based on Interactive-Collision Resistant hash functions. International Journal of Information Security, 8(1):49-60, 2009.
[350] MatsuoK-acisp03
T. Matsuo and K. Kurosawa. On Parallel Hash Functions Based on Block-Cipher. In R. Safavi-Naini and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2003, Proceedings, volume 2727 of Lecture Notes in Computer Science, pages 510-521. Springer, 2003.
[351] MatusiewiczNNSS-asiacrypt09
K. Matusiewicz, M. Naya-Plasencia, I. Nikolic, Y. Sasaki, and M. Schläffer. Rebound Attack on the Full Lane Compression Function. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 106-125. Springer, 2009.
[352] MatusiewiczPBCP-fse07
K. Matusiewicz, T. Peyrin, O. Billet, S. Contini, and J. Pieprzyk. Cryptanalysis of FORK-256. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 19-38. Springer, 2007.
[353] Matyas-joc91
S. M. Matyas. Key Processing with Control Vectors. Journal of Cryptology, 3(2):113-136, 1991.
[354] MatyasMO-ibm85
S. M. Matyas, C. H. Meyer, and J. Oseas. Generating strong one-way functions with crypographic algorithm. IBM Technical Disclosure Bulletin, 27(10A):5658-5659, 1985.
[355] MaurerRH-tcc04
U. M. Maurer, R. Renner, and C. Holenstein. Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology. In M. Naor, editor, Theory of Cryptography 2004, Proceedings, volume 2951 of Lecture Notes in Computer Science, pages 21-39. Springer, 2004.
[356] MaurerT-crypto07
U. M. Maurer and S. Tessaro. Domain Extension of Public Random Functions: Beyond the Birthday Barrier. In A. Menezes, editor, Advances in Cryptology - CRYPTO 2007, Proceedings, volume 4622 of Lecture Notes in Computer Science, pages 187-204. Springer, 2007.
[357] MaurerT-asiacrypt08
U. M. Maurer and S. Tessaro. Basing PRFs on Constant-Query Weak PRFs: Minimizing Assumptions for Efficient Symmetric Cryptography. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 161-178. Springer, 2008.
[358] McLooneM-vlsisp07
M. McLoone and C. McIvor. High-speed & Low Area Hardware Architectures of the Whirlpool Hash Function. VLSI Signal Processing, 47(1):47-57, 2007.
[359] Mendel-africacrypt09
F. Mendel. Two Passes of Tiger Are Not One-Way. In B. Preneel, editor, Progress in Cryptology - AFRICACRYPT 2009, Proceedings, volume 5580 of Lecture Notes in Computer Science, pages 29-40. Springer, 2009.
[360] MendelLP-ctrsa07
F. Mendel, J. Lano, and B. Preneel. Cryptanalysis of Reduced Variants of the FORK-256 Hash Function. In M. Abe, editor, Topics in Cryptology - CT-RSA 2007, Proceedings, volume 4377 of Lecture Notes in Computer Science, pages 85-100. Springer, 2007.
[361] MendelN-indocrypt09
F. Mendel and T. Nad. A Distinguisher for the Compression Function of SIMD-512. In B. K. Roy and N. Sendrier, editors, Progress in Cryptology - INDOCRYPT 2009, Proceedings, volume 5922 of Lecture Notes in Computer Science, pages 219-232. Springer, 2009.
[362] MendelNS-acns09
F. Mendel, T. Nad, and M. Schläffer. Collision Attack on Boole. In M. Abdalla, D. Pointcheval, P.-A. Fouque, and D. Vergnaud, editors, Applied Cryptography and Network Security 2009, Proceedings, volume 5536 of Lecture Notes in Computer Science, pages 369-381. Springer, 2009.
[363] MendelPRS-sac09
F. Mendel, T. Peyrin, C. Rechberger, and M. Schläffer. Improved Cryptanalysis of the Reduced Grøstl Compression Function, ECHO Permutation and AES Block Cipher. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 16-35. Springer, 2009.
[364] MendelPR-icisc06
F. Mendel, N. Pramstaller, and C. Rechberger. Improved Collision Attack on the Hash Function Proposed at PKC'98. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 8-21. Springer, 2006.
[365] MendelPR-fse08
F. Mendel, N. Pramstaller, and C. Rechberger. A (Second) Preimage Attack on the GOST Hash Function. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 224-234. Springer, 2008.
[366] MendelPRKS-crypto08
F. Mendel, N. Pramstaller, C. Rechberger, M. Kontak, and J. Szmidt. Cryptanalysis of the GOST Hash Function. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 162-178. Springer, 2008.
[367] MendelPRR-fse06
F. Mendel, N. Pramstaller, C. Rechberger, and V. Rijmen. Analysis of Step-Reduced SHA-256. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 126-143. Springer, 2006.
[368] MendelPRR-isw06
F. Mendel, N. Pramstaller, C. Rechberger, and V. Rijmen. On the Collision Resistance of RIPEMD-160. In S. K. Katsikas, J. Lopez, M. Backes, S. Gritzalis, and B. Preneel, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4176 of Lecture Notes in Computer Science, pages 101-116. Springer, 2006.
[369] MendelPRR-fse06a
F. Mendel, N. Pramstaller, C. Rechberger, and V. Rijmen. The Impact of Carries on the Complexity of Collision Attacks on SHA-1. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 278-292. Springer, 2006.
[370] MendelPRYW-indocrypt06
F. Mendel, B. Preneel, V. Rijmen, H. Yoshida, and D. Watanabe. Update on Tiger. In R. Barua and T. Lange, editors, Progress in Cryptology - INDOCRYPT 2006, Proceedings, volume 4329 of Lecture Notes in Computer Science, pages 63-79. Springer, 2006.
[371] MendelRS-acns09
F. Mendel, C. Rechberger, and M. Schläffer. Cryptanalysis of Twister. In M. Abdalla, D. Pointcheval, P.-A. Fouque, and D. Vergnaud, editors, Applied Cryptography and Network Security 2009, Proceedings, volume 5536 of Lecture Notes in Computer Science, pages 342-353. Springer, 2009.
[372] MendelRS-asiacrypt09
F. Mendel, C. Rechberger, and M. Schläffer. MD5 Is Weaker Than Weak: Attacks on Concatenated Combiners. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 144-161. Springer, 2009.
[373] MendelRST-fse09
F. Mendel, C. Rechberger, M. Schläffer, and S. S. Thomsen. The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 260-276. Springer, 2009.
[374] MendelRST-ctrsa10
F. Mendel, C. Rechberger, M. Schläffer, and S. S. Thomsen. Rebound Attacks on the Reduced Grøstl Hash Function. In J. Pieprzyk, editor, Topics in Cryptology - CT-RSA 2010, Proceedings, volume 5985 of Lecture Notes in Computer Science, pages 350-365. Springer, 2010.
[375] MendelR-icisc07
F. Mendel and V. Rijmen. Colliding Message Pair for 53-Step HAS-160. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 324-334. Springer, 2007.
[376] MendelR-asiacrypt07
F. Mendel and V. Rijmen. Cryptanalysis of the Tiger Hash Function. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 536-550. Springer, 2007.
[377] MendelR-icisc07a
F. Mendel and V. Rijmen. Weaknesses in the HAS-V Compression Function. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 335-345. Springer, 2007.
[378] MendelS-acisp08
F. Mendel and M. Schläffer. Collisions for Round-Reduced LAKE. In Y. Mu, W. Susilo, and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2008, Proceedings, volume 5107 of Lecture Notes in Computer Science, pages 267-281. Springer, 2008.
[379] MendelS-isc09
F. Mendel and M. Schläffer. On Free-Start Collisions and Collisions for TIB3. In P. Samarati, M. Yung, F. Martinelli, and C. A. Ardagna, editors, Information Security Conference (ISC) 2009, Proceedings, volume 5735 of Lecture Notes in Computer Science, pages 95-106. Springer, 2009.
[380] Merkle-crypto87
R. C. Merkle. A Digital Signature Based on a Conventional Encryption Function. In C. Pomerance, editor, Advances in Cryptology - CRYPTO '87, Proceedings, volume 293 of Lecture Notes in Computer Science, pages 369-378. Springer, 1988.
[381] Merkle-crypto89
R. C. Merkle. A Certified Digital Signature. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 218-238. Springer, 1990.
[382] Merkle-joc90
R. C. Merkle. A Fast Software One-Way Hash Function. Journal of Cryptology, 3(1):43-58, 1990.
[383] Merkle-crypto89a
R. C. Merkle. One Way Hash Functions and DES. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 428-446. Springer, 1990.
[384] MeyerS-securicom88
C. H. Meyer and M. Schilling. Secure program load with manipulation detection code. In SECURICOM 88, Proceedings, pages 111-130, 1988.
[385] MihaljevicZI-pkc98
M. J. Mihaljevic, Y. Zheng, and H. Imai. A Cellular Automaton Based Fast One-Way Hash Function Suitable for Hardware Implementation. In H. Imai and Y. Zheng, editors, Public Key Cryptography '98, Proceedings, volume 1431 of Lecture Notes in Computer Science, pages 217-233. Springer, 1998.
[386] MinierNP-fse11
M. Minier, M. Naya-Plasencia, and T. Peyrin. Analysis of Reduced-SHAvite-3-256 v2. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 68-87. Springer, 2011.
[387] MinierPP-cans10
M. Minier, R. C. W. Phan, and B. Pousse. Integral Distinguishers of Some SHA-3 Candidates. In S.-H. Heng, R. N. Wright, and B.-M. Goi, editors, Cryptology and Network Security (CANS) 2010, Proceedings, volume 6467 of Lecture Notes in Computer Science, pages 106-123. Springer, 2010.
[388] Mironov-eurocrypt01
I. Mironov. Hash Functions: From Merkle-Damgård to Shoup. In B. Pfitzmann, editor, Advances in Cryptology - EUROCRYPT 2001, Proceedings, volume 2045 of Lecture Notes in Computer Science, pages 166-181. Springer, 2001.
[389] Mironov-pkc06
I. Mironov. Collision-Resistant No More: Hash-and-Sign Paradigm Revisited. In M. Yung, Y. Dodis, A. Kiayias, and T. Malkin, editors, Public Key Cryptography - PKC 2006, Proceedings, volume 3958 of Lecture Notes in Computer Science, pages 140-156. Springer, 2006.
[390] Mironov-fse10
I. Mironov. Domain Extension for Enhanced Target Collision-Resistant Hash Functions. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 153-167. Springer, 2010.
[391] MiyaguchiOI-eurocrypt90
S. Miyaguchi, K. Ohta, and M. Iwata. Confirmation that Some Hash Functions Are Not Collision Free. In I. Damgård, editor, Advances in Cryptology - EUROCRYPT '90, Proceedings, volume 473 of Lecture Notes in Computer Science, pages 326-343. Springer, 1991.
[392] Mohassel-sacrypt10
P. Mohassel. One-Time Signatures and Chameleon Hash Functions. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 302-319. Springer, 2011.
[393] MouhaSAPTTP-cisc09
N. Mouha, G. Sekar, J.-P. Aumasson, T. Peyrin, S. S. Thomsen, M. S. Turan, and B. Preneel. Cryptanalysis of the ESSENCE Family of Hash Functions. In F. Bao, M. Yung, D. Lin, and J. Jing, editors, Information Security and Cryptology (INSCRYPT) 2009, Proceedings, volume 6151 of Lecture Notes in Computer Science, pages 15-34. Springer, 2011.
[394] MouhaVCP-sacrypt10
N. Mouha, V. Velichkov, C. D. Cannière, and B. Preneel. The Differential Analysis of S-Functions. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 36-56. Springer, 2011.
[395] Muller-asiacrypt04
F. Muller. The MD2 Hash Function Is Not One-Way. In P. J. Lee, editor, Advances in Cryptology - ASIACRYPT 2004, Proceedings, volume 3329 of Lecture Notes in Computer Science, pages 214-229. Springer, 2004.
[396] MullerP-icisc06
F. Muller and T. Peyrin. Cryptanalysis of T-Function-Based Hash Functions. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 267-285. Springer, 2006.
[397] NaitoOK-ieicet08
Y. Naito, K. Ohta, and N. Kunihiro. Improved Collision Search for Hash Functions: New Advanced Message Modification. IEICE Transactions, 91-A(1):46-54, 2008.
[398] NaitoSKO-icisc05
Y. Naito, Y. Sasaki, N. Kunihiro, and K. Ohta. Improved Collision Attack on MD4 with Probability Almost 1. In D. Won and S. Kim, editors, Information Security and Cryptology - ICISC 2005, Proceedings, volume 3935 of Lecture Notes in Computer Science, pages 129-145. Springer, 2006.
[399] NaitoSSYKO-asiacrypt06
Y. Naito, Y. Sasaki, T. Shimoyama, J. Yajima, N. Kunihiro, and K. Ohta. Improved Collision Search for SHA-0. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 21-36. Springer, 2006.
[400] NaitoYWO-asiacrypt09
Y. Naito, K. Yoneyama, L. Wang, and K. Ohta. How to Confirm Cryptosystems Security: The Original Merkle-Damgård Is Still Alive! In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, Proceedings, volume 5912 of Lecture Notes in Computer Science, pages 382-398. Springer, 2009.
[401] NakajimaM-eurocrypt02
J. Nakajima and M. Matsui. Performance Analysis and Parallel Implementation of Dedicated Hash Functions. In L. R. Knudsen, editor, Advances in Cryptology - EUROCRYPT 2002, Proceedings, volume 2332 of Lecture Notes in Computer Science, pages 165-180. Springer, 2002.
[402] Nandi-indocrypt05
M. Nandi. Towards Optimal Double-Length Hash Functions. In S. Maitra, C. E. V. Madhavan, and R. Venkatesan, editors, Progress in Cryptology - INDOCRYPT 2005, Proceedings, volume 3797 of Lecture Notes in Computer Science, pages 77-89. Springer, 2005.
[403] Nandi-acisp09
M. Nandi. Characterizing Padding Rules of MD Hash Functions Preserving Collision Security. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 171-184. Springer, 2009.
[404] NandiLSL-fse05
M. Nandi, W. Lee, K. Sakurai, and S. Lee. Security Analysis of a 2/3-Rate Double Length Compression Function in the Black-Box Model. In H. Gilbert and H. Handschuh, editors, Fast Software Encryption 2005, Proceedings, volume 3557 of Lecture Notes in Computer Science, pages 243-254. Springer, 2005.
[405] NandiP-indocrypt10
M. Nandi and S. Paul. Speeding Up the Wide-Pipe: Secure and Fast Hashing. In G. Gong and K. C. Gupta, editors, Progress in Cryptology - INDOCRYPT 2010, Proceedings, volume 6498 of Lecture Notes in Computer Science, pages 144-162. Springer, 2010.
[406] NandiS-tit07
M. Nandi and D. R. Stinson. Multicollision Attacks on Some Generalized Sequential Hash Functions. IEEE Transactions on Information Theory, 53(2):759-767, 2007.
[407] NaorSW-icalp08
M. Naor, G. Segev, and U. Wieder. History-Independent Cuckoo Hashing. In L. Aceto, I. Damgård, L. A. Goldberg, M. M. Halldórsson, A. Ingólfsdóttir, and I. Walukiewicz, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2008, Proceedings, volume 5126 of Lecture Notes in Computer Science, pages 631-642. Springer, 2008.
[408] NaorY-stoc89
M. Naor and M. Yung. Universal One-Way Hash Functions and their Cryptographic Applications. In 21st ACM Symposium on the Theory of Computing 1989, Proceedings, pages 33-43. ACM, 1989.
[409] Naya-Plasencia-crypto11
M. Naya-Plasencia. How to Improve Rebound Attacks. In P. Rogaway, editor, Advances in Cryptology - CRYPTO 2011, Proceedings, volume 6841 of Lecture Notes in Computer Science, pages 188-205. Springer, 2011.
[410] Naya-PlasenciaRALLMP-fse10
M. Naya-Plasencia, A. Röck, J.-P. Aumasson, Y. Laigle-Chapuy, G. Leurent, W. Meier, and T. Peyrin. Cryptanalysis of ESSENCE. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 134-152. Springer, 2010.
[411] NevelsteenP-eurocrypt99
W. Nevelsteen and B. Preneel. Software Performance of Universal Hash Functions. In J. Stern, editor, Advances in Cryptology - EUROCRYPT '99, Proceedings, volume 1592 of Lecture Notes in Computer Science, pages 24-41. Springer, 1999.
[412] NikolicB-fse08
I. Nikolic and A. Biryukov. Collisions for Step-Reduced SHA-256. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 1-15. Springer, 2008.
[413] NishiokaK-ieicet08
M. Nishioka and N. Komatsu. A Note on the Random Oracle Methodology. IEICE Transactions, 91-A(2):650-663, 2008.
[414] NumayamaT-acisp09
A. Numayama and K. Tanaka. On the Weak Ideal Compression Functions. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 232-248. Springer, 2009.
[415] Nyberg-fse96
K. Nyberg. Fast Accumulated Hashing. In D. Gollmann, editor, Fast Software Encryption 1996, Proceedings, volume 1039 of Lecture Notes in Computer Science, pages 83-87. Springer, 1996.
[416] OhtaharaOSS-acisp11
C. Ohtahara, K. Okada, Y. Sasaki, and T. Shimoyama. Preimage Attacks on Full-ARIRANG (Poster). In U. Parampalli and P. Hawkes, editors, Australasian Conference on Information Security and Privacy (ACISP) 2011, Proceedings, volume 6812 of Lecture Notes in Computer Science, pages 417-422. Springer, 2011.
[417] Okeya-acisp06
K. Okeya. Side Channel Attacks Against HMACs Based on Block-Cipher Based Hash Functions. In L. M. Batten and R. Safavi-Naini, editors, Australasian Conference on Information Security and Privacy (ACISP) 2006, Proceedings, volume 4058 of Lecture Notes in Computer Science, pages 432-443. Springer, 2006.
[418] OzenSS-fse10
O. Özen, T. Shrimpton, and M. Stam. Attacking the Knudsen-Preneel Compression Functions. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 94-115. Springer, 2010.
[419] OzenS-ima09
O. Özen and M. Stam. Another Glance at Double-Length Hashing. In M. G. Parker, editor, Cryptography and Coding 2009, Proceedings, volume 5921 of Lecture Notes in Computer Science, pages 176-201. Springer, 2009.
[420] OzenS-asiacrypt10
O. Özen and M. Stam. Collision Attacks against the Knudsen-Preneel Compression Functions. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, Proceedings, volume 6477 of Lecture Notes in Computer Science, pages 76-93. Springer, 2010.
[421] PalS-fse03
P. Pal and P. Sarkar. PARSHA-256 - A New Parallelizable Hash Function and a Multithreaded Implementation. In T. Johansson, editor, Fast Software Encryption 2003, Proceedings, volume 2887 of Lecture Notes in Computer Science, pages 347-361. Springer, 2003.
[422] ParkHL-sac00
N. K. Park, J. H. Hwang, and P. J. Lee. HAS-V: A New Hash Function with Variable Output Length. In D. R. Stinson and S. E. Tavares, editors, Selected Areas in Cryptography 2000, Proceedings, volume 2012 of Lecture Notes in Computer Science, pages 202-216. Springer, 2001.
[423] ParkSCL-acisp02
S. Park, S. H. Sung, S. Chee, and J. Lim. On the Security of Reduced Versions of 3-Pass HAVAL. In L. M. Batten and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2002, Proceedings, volume 2384 of Lecture Notes in Computer Science, pages 406-419. Springer, 2002.
[424] PasiniV-acisp07
S. Pasini and S. Vaudenay. Hash-and-Sign with Weak Hashing Made Secure. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 338-354. Springer, 2007.
[425] Patarin-eurocrypt93
J. Patarin. How to Find and Avoid Collisions for the Knapsack Hash Function. In T. Helleseth, editor, Advances in Cryptology - EUROCRYPT '93, Proceedings, volume 765 of Lecture Notes in Computer Science, pages 305-317. Springer, 1994.
[426] Patarin-asiacrypt94
J. Patarin. Collisions and Inversions for Damgård's Whole Hash Function. In J. Pieprzyk and R. Safavi-Naini, editors, Advances in Cryptology - ASIACRYPT '94, Proceedings, volume 917 of Lecture Notes in Computer Science, pages 307-321. Springer, 1995.
[427] PeikertR-tcc06
C. Peikert and A. Rosen. Efficient Collision-Resistant Hashing from Worst-Case Assumptions on Cyclic Lattices. In S. Halevi and T. Rabin, editors, Theory of Cryptography 2006, Proceedings, volume 3876 of Lecture Notes in Computer Science, pages 145-166. Springer, 2006.
[428] PetitQ-sacrypt10
C. Petit and J.-J. Quisquater. Preimages for the Tillich-Zémor Hash Function. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 282-301. Springer, 2011.
[429] PetitQTZ-ctrsa09
C. Petit, J.-J. Quisquater, J.-P. Tillich, and G. Zémor. Hard and Easy Components of Collision Search in the Zémor-Tillich Hash Function: New Attacks and Reduced Variants with Equivalent Security. In M. Fischlin, editor, Topics in Cryptology - CT-RSA 2009, Proceedings, volume 5473 of Lecture Notes in Computer Science, pages 182-194. Springer, 2009.
[430] Peyrin-asiacrypt07
T. Peyrin. Cryptanalysis of Grindahl. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 551-567. Springer, 2007.
[431] Peyrin-crypto10
T. Peyrin. Improved Differential Attacks for ECHO and Grøstl. In T. Rabin, editor, Advances in Cryptology - CRYPTO 2010, Proceedings, volume 6223 of Lecture Notes in Computer Science, pages 370-392. Springer, 2010.
[432] PeyrinGMR-asiacrypt06
T. Peyrin, H. Gilbert, F. Muller, and M. J. B. Robshaw. Combining Compression Functions and Block Cipher-Based Hash Functions. In X. Lai and K. Chen, editors, Advances in Cryptology - ASIACRYPT 2006, Proceedings, volume 4284 of Lecture Notes in Computer Science, pages 315-331. Springer, 2006.
[433] PieprzykWX-sacrypt03
J. Pieprzyk, H. Wang, and C. Xing. Multiple-Time Signature Schemes against Adaptive Chosen Message Attacks. In M. Matsui and R. J. Zuccherato, editors, Selected Areas in Cryptography 2003, Proceedings, volume 3006 of Lecture Notes in Computer Science, pages 88-100. Springer, 2004.
[434] Pietrzak-eurocrypt07
K. Pietrzak. Non-trivial Black-Box Combiners for Collision-Resistant Hash-Functions Don't Exist. In M. Naor, editor, Advances in Cryptology - EUROCRYPT 2007, Proceedings, volume 4515 of Lecture Notes in Computer Science, pages 23-33. Springer, 2007.
[435] Pietrzak-crypto08
K. Pietrzak. Compression from Collisions, or Why CRHF Combiners Have a Long Output. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 413-432. Springer, 2008.
[436] PramstallerLR-acisp07
N. Pramstaller, M. Lamberger, and V. Rijmen. Second Preimages for Iterated Hash Functions and Their Implications on MACs. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 68-81. Springer, 2007.
[437] PramstallerRR-nist05
N. Pramstaller, C. Rechberger, and V. Rijmen. Impact of Rotations in SHA-1 and Related Hash Functions. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[438] PramstallerRR-nist05a
N. Pramstaller, C. Rechberger, and V. Rijmen. Preliminary Analysis of the SHA-256 Message Expansion. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[439] PramstallerRR-ima05
N. Pramstaller, C. Rechberger, and V. Rijmen. Exploiting Coding Theory for Collision Attacks on SHA-1. In N. P. Smart, editor, Cryptography and Coding 2005, Proceedings, volume 3796 of Lecture Notes in Computer Science, pages 78-95. Springer, 2005.
[440] PramstallerRR-sac05
N. Pramstaller, C. Rechberger, and V. Rijmen. Breaking a New Hash Function Design Strategy Called SMASH. In B. Preneel and S. E. Tavares, editors, Selected Areas in Cryptography 2005, Proceedings, volume 3897 of Lecture Notes in Computer Science, pages 233-244. Springer, 2006.
[441] PramstallerRR-sac05a
N. Pramstaller, C. Rechberger, and V. Rijmen. Impact of Rotations in SHA-1 and Related Hash Functions. In B. Preneel and S. E. Tavares, editors, Selected Areas in Cryptography 2005, Proceedings, volume 3897 of Lecture Notes in Computer Science, pages 261-275. Springer, 2006.
[442] Preneel-phd
B. Preneel. Analysis and Design of Cryptographic Hash Functions. PhD thesis, Katholieke Universiteit Leuven, February 1993.
[443] Preneel-fse93
B. Preneel. Design Principles for Dedicated Hash Functions. In R. J. Anderson, editor, Fast Software Encryption 1993, Proceedings, volume 809 of Lecture Notes in Computer Science, pages 71-82. Springer, 1994.
[444] Preneel-ima97
B. Preneel. Hash Functions and MAC Algorithms Based on Block Ciphers. In M. Darnell, editor, Cryptography and Coding 1997, Proceedings, volume 1355 of Lecture Notes in Computer Science, pages 270-282. Springer, 1997.
[445] Preneel-stateofart98
B. Preneel. Cryptographic Primitives for Information Authentication - State of the Art. In B. Preneel and V. Rijmen, editors, State of the Art in Applied Cryptography, Course on Computer Security and Industrial Cryptography - Revised Lectures, volume 1528 of Lecture Notes in Computer Science, pages 49-104. Springer, 1998.
[446] Preneel-summer98
B. Preneel. The State of Cryptographic Hash Functions. In I. Damgård, editor, Lectures on Data Security, Modern Cryptology in Theory and Practice, Summer School, Aarhus, Denmark, 1998, volume 1561 of Lecture Notes in Computer Science, pages 158-182. Springer, 1999.
[447] Preneel-cisc08
B. Preneel. The State of Hash Functions and the NIST SHA-3 Competition. In M. Yung, P. Liu, and D. Lin, editors, Information Security and Cryptology (INSCRYPT) 2008, Proceedings, volume 5487 of Lecture Notes in Computer Science, pages 1-11. Springer, 2009.
[448] Preneel-ctrsa10
B. Preneel. The First 30 Years of Cryptographic Hash Functions and the NIST SHA-3 Competition. Invited Talk. In J. Pieprzyk, editor, Topics in Cryptology - CT-RSA 2010, Proceedings, volume 5985 of Lecture Notes in Computer Science, pages 1-14. Springer, 2010.
[449] PreneelBD-rsa97
B. Preneel, A. Bosselaers, and H. Dobbertin. The Cryptographic Hash Function RIPEMD-160. CryptoBytes, 3(2):9-14, 1997.
[450] PreneelGV-car89
B. Preneel, A. Bosselaers, R. Govaerts, and J. Vandewalle. Collision-free hashfunctions based on blockcipher algorithms. In International Carnahan Conference on Security Technology 1989, Proceedings, pages 203-210. IEEE, 1989.
[451] PreneelBGV-crypto89
B. Preneel, A. Bosselaers, R. Govaerts, and J. Vandewalle. A Chosen Text Attack on The Modified Cryptographic Checksum Algorithm of Cohen and Huang. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 154-163. Springer, 1990.
[452] PreneelGV-asiacrypt92a
B. Preneel, R. Govaerts, and J. Vandewalle. An Attack on Two Hash Functions by Zheng-Matsumoto-Imai. In J. Seberry and Y. Zheng, editors, Advances in Cryptology - ASIACRYPT '92, Proceedings, volume 718 of Lecture Notes in Computer Science, pages 535-538. Springer, 1993.
[453] PreneelGV-ccs93
B. Preneel, R. Govaerts, and J. Vandewalle. Differential Cryptanalysis of Hash Functions Based on Block Ciphers. In ACM Conference on Computer and Communications Security 1993, Proceedings, pages 183-188. ACM, 1993.
[454] PreneelGV-asiacrypt92
B. Preneel, R. Govaerts, and J. Vandewalle. On the Power of Memory in the Design of Collision Resistant Hash Functions. In J. Seberry and Y. Zheng, editors, Advances in Cryptology - ASIACRYPT '92, Proceedings, volume 718 of Lecture Notes in Computer Science, pages 105-121. Springer, 1993.
[455] PreneelGV-crypto93
B. Preneel, R. Govaerts, and J. Vandewalle. Hash Functions Based on Block Ciphers: A Synthetic Approach. In D. R. Stinson, editor, Advances in Cryptology - CRYPTO '93, Proceedings, volume 773 of Lecture Notes in Computer Science, pages 368-378. Springer, 1994.
[456] PreneelO-crypto95
B. Preneel and P. C. van Oorschot. MDx-MAC and Building Fast MACs from Hash Functions. In D. Coppersmith, editor, Advances in Cryptology - CRYPTO '95, Proceedings, volume 963 of Lecture Notes in Computer Science, pages 1-14. Springer, 1995.
[457] PreneelO-eurocrypt96
B. Preneel and P. C. van Oorschot. On the Security of Two MAC Algorithms. In U. M. Maurer, editor, Advances in Cryptology - EUROCRYPT '96, Proceedings, volume 1070 of Lecture Notes in Computer Science, pages 19-32. Springer, 1996.
[458] PreneelYW-acisp11
B. Preneel, H. Yoshida, and D. Watanabe. Finding Collisions for Reduced Luffa-256 v2 (Poster). In U. Parampalli and P. Hawkes, editors, Australasian Conference on Information Security and Privacy (ACISP) 2011, Proceedings, volume 6812 of Lecture Notes in Computer Science, pages 423-427. Springer, 2011.
[459] Purdy-74
G. B. Purdy. A High Security Log-in Procedure. Communications of the ACM, 17(8):442-445, 1974.
[460] QiaoWJ-icisc09
S. Qiao, W. Wang, and K. Jia. Distinguishing Attack on Secret Prefix MAC Instantiated with Reduced SHA-1. In D. Lee and S. Hong, editors, Information Security and Cryptology - ICISC 2009, Proceedings, volume 5984 of Lecture Notes in Computer Science, pages 349-361. Springer, 2010.
[461] QuisquaterD-eurocrypt89
J.-J. Quisquater and J.-P. Delescaille. How Easy is Collision Search? Application to DES (Extended Summary). In J.-J. Quisquater and J. Vandewalle, editors, Advances in Cryptology - EUROCRYPT '89, Proceedings, volume 434 of Lecture Notes in Computer Science, pages 429-434. Springer, 1990.
[462] QuisquaterD-crypto89
J.-J. Quisquater and J.-P. Delescaille. How Easy is Collision Search. New Results and Applications to DES. In G. Brassard, editor, Advances in Cryptology - CRYPTO '89, Proceedings, volume 435 of Lecture Notes in Computer Science, pages 408-413. Springer, 1990.
[463] QuisquaterG-eurocrypt89
J.-J. Quisquater and M. Girault. 2n-Bit Hash-Functions Using n-Bit Symmetric Block Cipher Algorithms. In J.-J. Quisquater and J. Vandewalle, editors, Advances in Cryptology - EUROCRYPT '89, Proceedings, volume 434 of Lecture Notes in Computer Science, pages 102-109. Springer, 1990.
[464] Rabin-78
M. O. Rabin. Digitalized signatures. In R. Lipton and R. DeMillo, editors, Foundations of Secure Computations, pages 155-166. Academic Press, 1978.
[465] Rabin-mit79
M. O. Rabin. Digitalized Signatures and Public Key Functions as Intractable as Factorization. Technical Report MIT/LCS/TR-212, MIT, 1979.
[466] ReyhanitabarSM-acisp09
M. R. Reyhanitabar, W. Susilo, and Y. Mu. Analysis of Property-Preservation Capabilities of the ROX and ESh Hash Domain Extenders. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 153-170. Springer, 2009.
[467] ReyhanitabarSM-fse09
M. R. Reyhanitabar, W. Susilo, and Y. Mu. Enhanced Target Collision Resistant Hash Functions Revisited. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 327-344. Springer, 2009.
[468] ReyhanitabarSM-fse10
M. R. Reyhanitabar, W. Susilo, and Y. Mu. Enhanced Security Notions for Dedicated-Key Hash Functions: Definitions and Relationships. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 192-211. Springer, 2010.
[469] ReyhanitabarWS-acisp07
M. R. Reyhanitabar, S. Wang, and R. Safavi-Naini. Non-interactive Manual Channel Message Authentication Based on eTCR Hash Functions. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 385-399. Springer, 2007.
[470] RijmenO-ctrsa05
V. Rijmen and E. Oswald. Update on SHA-1. In A. Menezes, editor, Topics in Cryptology - CT-RSA 2005, Proceedings, volume 3376 of Lecture Notes in Computer Science, pages 58-71. Springer, 2005.
[471] RijmenP-fse94
V. Rijmen and B. Preneel. Improved Characteristics for Differential Cryptanalysis of Hash Functions Based on Block Ciphers. In B. Preneel, editor, Fast Software Encryption 1994, Proceedings, volume 1008 of Lecture Notes in Computer Science, pages 242-248. Springer, 1995.
[472] RijmenRPV-fse01
V. Rijmen, B. V. Rompay, B. Preneel, and J. Vandewalle. Producing Collisions for PANAMA. In M. Matsui, editor, Fast Software Encryption 2001, Proceedings, volume 2355 of Lecture Notes in Computer Science, pages 37-51. Springer, 2002.
[473] RijmenTV-fse10
V. Rijmen, D. Toz, and K. Varici. Rebound Attack on Reduced-Round Versions of JH. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 286-303. Springer, 2010.
[474] RistenpartSS-eurocrypt11
T. Ristenpart, H. Shacham, and T. Shrimpton. Careful with Composition: Limitations of the Indifferentiability Framework. In K. G. Paterson, editor, Advances in Cryptology - EUROCRYPT 2011, Proceedings, volume 6632 of Lecture Notes in Computer Science, pages 487-506. Springer, 2011.
[475] RistenpartS-asiacrypt07
T. Ristenpart and T. Shrimpton. How to Build a Hash Function from Any Collision-Resistant Function. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 147-163. Springer, 2007.
[476] Rivest-nist05
R. L. Rivest. Abelian Square-free Dithering and Recoding for Iterated Hash Functions. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[477] Rivest-crypto90
R. L. Rivest. The MD4 Message Digest Algorithm. In A. Menezes and S. A. Vanstone, editors, Advances in Cryptology - CRYPTO '90, Proceedings, volume 537 of Lecture Notes in Computer Science, pages 303-311. Springer, 1991.
[478] Roe-fse93
M. Roe. Performance of Symmetric Ciphers and One-Way Hash Functions. In R. J. Anderson, editor, Fast Software Encryption 1993, Proceedings, volume 809 of Lecture Notes in Computer Science, pages 83-89. Springer, 1994.
[479] Roe-fse94a
M. Roe. Performance of Block Ciphers and Hash Functions - One Year Later. In B. Preneel, editor, Fast Software Encryption 1994, Proceedings, volume 1008 of Lecture Notes in Computer Science, pages 359-362. Springer, 1995.
[480] Rogaway-crypto95
P. Rogaway. Bucket Hashing and its Application to Fast Message Authentication. In D. Coppersmith, editor, Advances in Cryptology - CRYPTO '95, Proceedings, volume 963 of Lecture Notes in Computer Science, pages 29-42. Springer, 1995.
[481] Rogaway-joc99
P. Rogaway. Bucket Hashing and Its Application to Fast Message Authentication. Journal of Cryptology, 12(2):91-115, 1999.
[482] Rogaway-vietcrypt06
P. Rogaway. Formalizing Human Ignorance. In P. Q. Nguyen, editor, Progress in Cryptology - VIETCRYPT 2006, Proceedings, volume 4341 of Lecture Notes in Computer Science, pages 211-228. Springer, 2006.
[483] RogawayS-fse04
P. Rogaway and T. Shrimpton. Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance. In B. K. Roy and W. Meier, editors, Fast Software Encryption 2004, Proceedings, volume 3017 of Lecture Notes in Computer Science, pages 371-388. Springer, 2004.
[484] RogawayS-eurocrypt08
P. Rogaway and J. Steinberger. Security/Efficiency Tradeoffs for Permutation-Based Hashing. In N. Smart, editor, Advances in Cryptology - EUROCRYPT 2008, Proceedings, volume 4965 of Lecture Notes in Computer Science, pages 220-236. Springer, 2008.
[485] RogawayS-crypto08
P. Rogaway and J. P. Steinberger. Constructing Cryptographic Hash Functions from Fixed-Key Blockciphers. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 433-450. Springer, 2008.
[486] RogierC-dcc97
N. Rogier and P. Chauvaud. MD2 Is not Secure without the Checksum Byte. Designs, Codes and Cryptography, 12(3):245-251, 1997.
[487] RompayBPV-asiacrypt03
B. V. Rompay, A. Biryukov, B. Preneel, and J. Vandewalle. Cryptanalysis of 3-Pass HAVAL. In C.-S. Laih, editor, Advances in Cryptology - ASIACRYPT 2003, Proceedings, volume 2894 of Lecture Notes in Computer Science, pages 228-245. Springer, 2003.
[488] Rompel-stoc90
J. Rompel. One-Way Functions are Necessary and Sufficient for Secure Signatures. In 22nd ACM Symposium on the Theory of Computing 1990, Proceedings, pages 387-394. ACM, 1990.
[489] Russell-crypto92
A. Russell. Necessary and Sufficient Conditions For Collision-Free Hashing. In E. F. Brickell, editor, Advances in Cryptology - CRYPTO '92, Proceedings, volume 740 of Lecture Notes in Computer Science, pages 433-441. Springer, 1993.
[490] Russell-joc95
A. Russell. Necessary and Sufficient Conditions for Collision-Free Hashing. Journal of Cryptology, 8(2):87-100, 1995.
[491] Saarinen-indocrypt06
M.-J. O. Saarinen. Security of VSH in the Real World. In R. Barua and T. Lange, editors, Progress in Cryptology - INDOCRYPT 2006, Proceedings, volume 4329 of Lecture Notes in Computer Science, pages 95-103. Springer, 2006.
[492] Saarinen-indocrypt07a
M.-J. O. Saarinen. A Meet-in-the-Middle Collision Attack Against the New FORK-256. In K. Srinathan, C. P. Rangan, and M. Yung, editors, Progress in Cryptology - INDOCRYPT 2007, Proceedings, volume 4859 of Lecture Notes in Computer Science, pages 10-17. Springer, 2007.
[493] Saarinen-indocrypt07
M.-J. O. Saarinen. Linearization Attacks Against Syndrome Based Hashes. In K. Srinathan, C. P. Rangan, and M. Yung, editors, Progress in Cryptology - INDOCRYPT 2007, Proceedings, volume 4859 of Lecture Notes in Computer Science, pages 1-9. Springer, 2007.
[494] SadeghiyanP-eurocrypt91
B. Sadeghiyan and J. Pieprzyk. A Construction for One Way Hash Functions and Pseudorandom Bit Generators. In D. W. Davies, editor, Advances in Cryptology - EUROCRYPT '91, Proceedings, volume 547 of Lecture Notes in Computer Science, pages 431-445. Springer, 1991.
[495] SadeghiyanZP-asiacrypt91
B. Sadeghiyan, Y. Zheng, and J. Pieprzyk. How to Construct A Family of Strong One Way Permutations. In H. Imai, R. L. Rivest, and T. Matsumoto, editors, Advances in Cryptology - ASIACRYPT '91, Proceedings, volume 739 of Lecture Notes in Computer Science, pages 97-110. Springer, 1993.
[496] Safavi-NainiBC-fse98
R. Safavi-Naini, S. Bakhtiari, and C. Charnes. MRD Hashing. In S. Vaudenay, editor, Fast Software Encryption '98, Proceedings, volume 1372 of Lecture Notes in Computer Science, pages 134-149. Springer, 1998.
[497] Safavi-NainiC-dcc05
R. Safavi-Naini and C. Charnes. MRD Hashing. Designs, Codes and Cryptography, 37(2):229-242, 2005.
[498] SanadhyaS-icisc07
S. K. Sanadhya and P. Sarkar. New Local Collisions for the SHA-2 Hash Family. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 193-205. Springer, 2007.
[499] SanadhyaS-acns08
S. K. Sanadhya and P. Sarkar. Attacking Reduced Round SHA-256. In S. M. Bellovin, R. Gennaro, A. D. Keromytis, and M. Yung, editors, Applied Cryptography and Network Security 2008, Proceedings, volume 5037 of Lecture Notes in Computer Science, pages 130-143. Springer, 2008.
[500] SanadhyaS-isw08
S. K. Sanadhya and P. Sarkar. Deterministic Constructions of 21-Step Collisions for the SHA-2 Hash Family. In T.-C. Wu, C.-L. Lei, V. Rijmen, and D.-T. Lee, editors, Information Security Conference (ISC) 2008, Proceedings, volume 5222 of Lecture Notes in Computer Science, pages 244-259. Springer, 2008.
[501] SanadhyaS-indocrypt08
S. K. Sanadhya and P. Sarkar. New Collision Attacks against Up to 24-Step SHA-2. In D. R. Chowdhury, V. Rijmen, and A. Das, editors, Progress in Cryptology - INDOCRYPT 2008, Proceedings, volume 5365 of Lecture Notes in Computer Science, pages 91-103. Springer, 2008.
[502] SanadhyaS-acisp08
S. K. Sanadhya and P. Sarkar. Non-linear Reduced Round Attacks against SHA-2 Hash Family. In Y. Mu, W. Susilo, and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2008, Proceedings, volume 5107 of Lecture Notes in Computer Science, pages 254-266. Springer, 2008.
[503] SanadhyaS-cc09
S. K. Sanadhya and P. Sarkar. A combinatorial analysis of recent attacks on step reduced SHA-2 family. Cryptography and Communications, 1(2):135-173, 2009.
[504] Sarinay-acisp11
J. Sarinay. Faster and Smoother - VSH Revisited. In U. Parampalli and P. Hawkes, editors, Australasian Conference on Information Security and Privacy (ACISP) 2011, Proceedings, volume 6812 of Lecture Notes in Computer Science, pages 142-156. Springer, 2011.
[505] Sarkar-asiacrypt04
P. Sarkar. Masking Based Domain Extenders for UOWHFs: Bounds and Constructions. In P. J. Lee, editor, Advances in Cryptology - ASIACRYPT 2004, Proceedings, volume 3329 of Lecture Notes in Computer Science, pages 187-200. Springer, 2004.
[506] SarkarS-indocrypt01
P. Sarkar and P. J. Schellenberg. A Parallel Algorithm for Extending Cryptographic Hash Functions. In C. P. Rangan and C. Ding, editors, Progress in Cryptology - INDOCRYPT 2001, Proceedings, volume 2247 of Lecture Notes in Computer Science, pages 40-49. Springer, 2001.
[507] Sasaki-sac09
Y. Sasaki. Cryptanalyses of Narrow-Pipe Mode of Operation in AURORA-512 Hash Function. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 36-52. Springer, 2009.
[508] Sasaki-isc09
Y. Sasaki. Meet-in-the-Middle Attacks Using Output Truncation in 3-Pass HAVAL. In P. Samarati, M. Yung, F. Martinelli, and C. A. Ardagna, editors, Information Security Conference (ISC) 2009, Proceedings, volume 5735 of Lecture Notes in Computer Science, pages 79-94. Springer, 2009.
[509] Sasaki-africacrypt11
Y. Sasaki. Collisions of MMO-MD5 and Their Impact on Original MD5. In A. Nitaj and D. Pointcheval, editors, Progress in Cryptology - AFRICACRYPT 2011, Proceedings, volume 6737 of Lecture Notes in Computer Science, pages 117-133. Springer, 2011.
[510] Sasaki-fse11
Y. Sasaki. Meet-in-the-Middle Preimage Attacks on AES Hashing Modes and an Application to Whirlpool. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 378-396. Springer, 2011.
[511] SasakiA-asiacrypt08
Y. Sasaki and K. Aoki. Preimage Attacks on 3, 4, and 5-Pass HAVAL. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 253-271. Springer, 2008.
[512] SasakiA-acisp08
Y. Sasaki and K. Aoki. Preimage Attacks on Step-Reduced MD5. In Y. Mu, W. Susilo, and J. Seberry, editors, Australasian Conference on Information Security and Privacy (ACISP) 2008, Proceedings, volume 5107 of Lecture Notes in Computer Science, pages 282-296. Springer, 2008.
[513] SasakiA-icisc08
Y. Sasaki and K. Aoki. A Preimage Attack for 52-Step HAS-160. In P. J. Lee and J. H. Cheon, editors, Information Security and Cryptology - ICISC 2008, Proceedings, volume 5461 of Lecture Notes in Computer Science, pages 302-317. Springer, 2009.
[514] SasakiA-eurocrypt09
Y. Sasaki and K. Aoki. Finding Preimages in Full MD5 Faster Than Exhaustive Search . In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 134-152. Springer, 2009.
[515] SasakiA-acisp09
Y. Sasaki and K. Aoki. Meet-in-the-Middle Preimage Attacks on Double-Branch Hash Functions: Application to RIPEMD and Others. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 214-231. Springer, 2009.
[516] SasakiLWSO-asiacrypt10
Y. Sasaki, Y. Li, L. Wang, K. Sakiyama, and K. Ohta. Non-full-active Super-Sbox Analysis: Applications to ECHO and Grøstl. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, Proceedings, volume 6477 of Lecture Notes in Computer Science, pages 38-55. Springer, 2010.
[517] SasakiNKO-ieicet07
Y. Sasaki, Y. Naito, N. Kunihiro, and K. Ohta. Improved Collision Attacks on MD4 and MD5. IEICE Transactions, 90-A(1):36-47, 2007.
[518] SasakiNYSKO-vietcrypt06
Y. Sasaki, Y. Naito, J. Yajima, T. Shimoyama, N. Kunihiro, and K. Ohta. How to Construct Sufficient Conditions for Hash Functions. In P. Q. Nguyen, editor, Progress in Cryptology - VIETCRYPT 2006, Proceedings, volume 4341 of Lecture Notes in Computer Science, pages 243-259. Springer, 2006.
[519] SasakiWKO-ieicet08
Y. Sasaki, L. Wang, N. Kunihiro, and K. Ohta. New Message Differences for Collision Attacks on MD4 and MD5. IEICE Transactions, 91-A(1):55-63, 2008.
[520] SasakiWOK-fse07
Y. Sasaki, L. Wang, K. Ohta, and N. Kunihiro. New Message Difference for MD4. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 329-348. Springer, 2007.
[521] SasakiWOK-africacrypt08
Y. Sasaki, L. Wang, K. Ohta, and N. Kunihiro. Password Recovery on Challenge and Response: Impossible Differential Attack on Hash Function. In S. Vaudenay, editor, Progress in Cryptology - AFRICACRYPT 2008, Proceedings, volume 5023 of Lecture Notes in Computer Science, pages 290-307. Springer, 2008.
[522] SasakiWOK-ctrsa08
Y. Sasaki, L. Wang, K. Ohta, and N. Kunihiro. Security of MD5 Challenge and Response: Extension of APOP Password Recovery Attack. In T. Malkin, editor, Topics in Cryptology - CT-RSA 2008, volume 4964 of Lecture Notes in Computer Science, pages 1-18. Springer, 2008.
[523] SasakiY-fse11
Y. Sasaki and K. Yasuda. Known-Key Distinguishers on 11-Round Feistel and Collision Attacks on Its Hashing Modes. In A. Joux, editor, Fast Software Encryption 2011, Proceedings, volume 6733 of Lecture Notes in Computer Science, pages 397-415. Springer, 2011.
[524] Satoh-isw05
A. Satoh. Hardware Architecture and Cost Estimates for Breaking SHA-1. In J. Zhou, J. Lopez, R. H. Deng, and F. Bao, editors, Information Security Conference (ISC) 2005, Proceedings, volume 3650 of Lecture Notes in Computer Science, pages 259-273. Springer, 2005.
[525] SatohHK-ieicet99
T. Satoh, M. Haga, and K. Kurosawa. Towards Secure and Fast Hash Functions. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences (Special Section on Cryptography and Information Security), E82-A(1):55-62, 1999.
[526] Scheibelhofer-ctrsa07
K. Scheibelhofer. A Bit-Slice Implementation of the Whirlpool Hash Function. In M. Abe, editor, Topics in Cryptology - CT-RSA 2007, Proceedings, volume 4377 of Lecture Notes in Computer Science, pages 385-401. Springer, 2007.
[527] SchindlerGI-nist06
W. Schindler, M. Gebhardt, and G. Illies. Precise Probabilities for Hash Collision Paths. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[528] Schlaffer-sacrypt10
M. Schläffer. Subspace Distinguisher for 5/8 Rounds of the ECHO-256 Hash Function. In A. Biryukov, G. Gong, and D. R. Stinson, editors, Selected Areas in Cryptography 2010, Proceedings, volume 6544 of Lecture Notes in Computer Science, pages 369-387. Springer, 2011.
[529] SchlafferO-fse06
M. Schläffer and E. Oswald. Searching for Differential Paths in MD4. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 242-261. Springer, 2006.
[530] Schnorr-eurocrypt92
C.-P. Schnorr. FFT-Hash II, Efficient Cryptographic Hashing. In R. A. Rueppel, editor, Advances in Cryptology - EUROCRYPT '92, Proceedings, volume 658 of Lecture Notes in Computer Science, pages 45-54. Springer, 1993.
[531] SchnorrV-fse93
C.-P. Schnorr and S. Vaudenay. Parallel FFT-Hashing. In R. J. Anderson, editor, Fast Software Encryption 1993, Proceedings, volume 809 of Lecture Notes in Computer Science, pages 149-156. Springer, 1994.
[532] SchnorrV-eurocrypt94
C.-P. Schnorr and S. Vaudenay. Black Box Cryptanalysis of Hash Networks Based on Multipermutations. In A. De Santis, editor, Advances in Cryptology - EUROCRYPT '94, Proceedings, volume 950 of Lecture Notes in Computer Science, pages 47-57. Springer, 1995.
[533] SeurinP-fse07
Y. Seurin and T. Peyrin. Security Analysis of Constructions Combining FIL Random Oracles. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 119-136. Springer, 2007.
[534] ShinRRL-pkc98
S. U. Shin, K. H. Rhee, D.-H. Ryu, and S. Lee. A New Hash Function Based on MDx-Family and Its Application to MAC. In H. Imai and Y. Zheng, editors, Public Key Cryptography '98, Proceedings, volume 1431 of Lecture Notes in Computer Science, pages 234-246. Springer, 1998.
[535] ShinRY-pkc99
S. U. Shin, K. H. Rhee, and J. W. Yoon. Hash Functions and the MAC Using All-or-Nothing Property. In H. Imai and Y. Zheng, editors, Public Key Cryptography '99, Proceedings, volume 1560 of Lecture Notes in Computer Science, pages 263-275. Springer, 1999.
[536] Shoup-crypto96
V. Shoup. On Fast and Provably Secure Message Authentication Based on Universal Hashing. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 313-328. Springer, 1996.
[537] Shoup-eurocrypt00b
V. Shoup. A Composition Theorem for Universal One-Way Hash Functions. In B. Preneel, editor, Advances in Cryptology - EUROCRYPT 2000, Proceedings, volume 1807 of Lecture Notes in Computer Science, pages 445-452. Springer, 2000.
[538] Shoup-eurocrypt00a
V. Shoup. Using Hash Functions as a Hedge against Chosen Ciphertext Attack. In B. Preneel, editor, Advances in Cryptology - EUROCRYPT 2000, Proceedings, volume 1807 of Lecture Notes in Computer Science, pages 275-288. Springer, 2000.
[539] Shpilrain-icisc06
V. Shpilrain. Hashing with Polynomials. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 22-28. Springer, 2006.
[540] ShrimptonS-icalp08
T. Shrimpton and M. Stam. Building a Collision-Resistant Compression Function from Non-compressing Primitives. In L. Aceto, I. Damgård, L. A. Goldberg, M. M. Halldórsson, A. Ingólfsdóttir, and I. Walukiewicz, editors, International Colloquium on Automata, Languages and Programming (ICALP) 2008, Proceedings, volume 5126 of Lecture Notes in Computer Science, pages 643-654. Springer, 2008.
[541] Simmons88
G. J. Simmons. A survey of information authentication. Proceedings of the IEEE, 76(5):603-620, 1988.
[542] Simon-eurocrypt98
D. R. Simon. Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? In K. Nyberg, editor, Advances in Cryptology - EUROCRYPT '98, Proceedings, volume 1403 of Lecture Notes in Computer Science, pages 334-345. Springer, 1998.
[543] Stam-crypto08
M. Stam. Beyond Uniformity: Better Security/Efficiency Tradeoffs for Compression Functions. In D. Wagner, editor, Advances in Cryptology - CRYPTO 2008, Proceedings, volume 5157 of Lecture Notes in Computer Science, pages 397-412. Springer, 2008.
[544] Stam-fse09
M. Stam. Blockcipher-Based Hashing Revisited. In O. Dunkelman, editor, Fast Software Encryption 2009, Proceedings, volume 5665 of Lecture Notes in Computer Science, pages 67-83. Springer, 2009.
[545] Steinberger-eurocrypt07
J. P. Steinberger. The Collision Intractability of MDC-2 in the Ideal-Cipher Model. In M. Naor, editor, Advances in Cryptology - EUROCRYPT 2007, Proceedings, volume 4515 of Lecture Notes in Computer Science, pages 34-51. Springer, 2007.
[546] Steinberger-eurocrypt10
J. P. Steinberger. Stam's Collision Resistance Conjecture. In H. Gilbert, editor, Advances in Cryptology - EUROCRYPT 2010, Proceedings, volume 6110 of Lecture Notes in Computer Science, pages 597-615. Springer, 2010.
[547] SteinfeldCMPGLW-fse08
R. Steinfeld, S. Contini, K. Matusiewicz, J. Pieprzyk, J. Guo, S. Ling, and H. Wang. Cryptanalysis of LASH. In K. Nyberg, editor, Fast Software Encryption 2008, Proceedings, volume 5086 of Lecture Notes in Computer Science, pages 207-223. Springer, 2008.
[548] SteinfeldPW-pkc06
R. Steinfeld, J. Pieprzyk, and H. Wang. Higher Order Universal One-Way Hash Functions from the Subset Sum Assumption. In M. Yung, Y. Dodis, A. Kiayias, and T. Malkin, editors, Public Key Cryptography - PKC 2006, Proceedings, volume 3958 of Lecture Notes in Computer Science, pages 157-173. Springer, 2006.
[549] SteinwandtGGB-crypto00
R. Steinwandt, M. Grassl, W. Geiselmann, and T. Beth. Weaknesses in the SL2(IFs2) Hashing Scheme. In M. Bellare, editor, Advances in Cryptology - CRYPTO 2000, Proceedings, volume 1880 of Lecture Notes in Computer Science, pages 287-299. Springer, 2000.
[550] StevensLW-eurocrypt07
M. Stevens, A. K. Lenstra, and B. de Weger. Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities. In M. Naor, editor, Advances in Cryptology - EUROCRYPT 2007, Proceedings, volume 4515 of Lecture Notes in Computer Science, pages 1-22. Springer, 2007.
[551] StevensSALMOW-crypto09
M. Stevens, A. Sotirov, J. Appelbaum, A. Lenstra, D. Molnar, D. A. Osvik, and B. de Weger. Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate. In S. Halevi, editor, Advances in Cryptology - CRYPTO 2009, Proceedings, volume 5677 of Lecture Notes in Computer Science, pages 55-69. Springer, 2009.
[552] Stinson-crypto91a
D. R. Stinson. Universal Hashing and Authentication Codes. In J. Feigenbaum, editor, Advances in Cryptology - CRYPTO '91, Proceedings, volume 576 of Lecture Notes in Computer Science, pages 74-85. Springer, 1992.
[553] Stinson-dcc94
D. R. Stinson. Universal Hashing and Authentication Codes. Designs, Codes and Cryptography, 4(4):369-380, 1994.
[554] Stinson-dcc06
D. R. Stinson. Some Observations on the Theory of Cryptographic Hash Functions. Designs, Codes and Cryptography, 38(2):259-277, 2006.
[555] SugitaKI-nist06
M. Sugita, M. Kawazoe, and H. Imai. Gröbner Basis Based Cryptanalysis of SHA-1. Presented at Second NIST Cryptographic Hash Workshop, August 24-25, 2006, Santa Barbara, California, USA.
[556] SugitaKPI-fse07
M. Sugita, M. Kawazoe, L. Perret, and H. Imai. Algebraic Cryptanalysis of 58-Round SHA-1. In A. Biryukov, editor, Fast Software Encryption 2007, Proceedings, volume 4593 of Lecture Notes in Computer Science, pages 349-365. Springer, 2007.
[557] SuzukiTKT-icisc06
K. Suzuki, D. Tonien, K. Kurosawa, and K. Toyota. Birthday Paradox for Multi-collisions. In M. S. Rhee and B. Lee, editors, Information Security and Cryptology - ICISC 2006, Proceedings, volume 4296 of Lecture Notes in Computer Science, pages 29-40. Springer, 2006.
[558] SuzukiTKT-ieicet08
K. Suzuki, D. Tonien, K. Kurosawa, and K. Toyota. Birthday Paradox for Multi-Collisions. IEICE Transactions, 91-A(1):39-45, 2008.
[559] Szydlo-eurocrypt04
M. Szydlo. Merkle Tree Traversal in Log Space and Time. In C. Cachin and J. Camenisch, editors, Advances in Cryptology - EUROCRYPT 2004, Proceedings, volume 3027 of Lecture Notes in Computer Science, pages 541-554. Springer, 2004.
[560] SzydloY-nist05
M. Szydlo and Y. L. Yin. Collision-Resistent Usage of MD5 and SHA-1 via Message Preprocessing. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[561] SzydloY-ctrsa06
M. Szydlo and Y. L. Yin. Collision-Resistant Usage of MD5 and SHA-1 Via Message Preprocessing. In D. Pointcheval, editor, Topics in Cryptology - CT-RSA 2006, Proceedings, volume 3860 of Lecture Notes in Computer Science, pages 99-114. Springer, 2006.
[562] Thomsen-fse10
S. S. Thomsen. Pseudo-cryptanalysis of the Original Blue Midnight Wish. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 304-317. Springer, 2010.
[563] TillichZ-crypto94
J.-P. Tillich and G. Zémor. Hashing with SL2. In Y. Desmedt, editor, Advances in Cryptology - CRYPTO '94, Proceedings, volume 839 of Lecture Notes in Computer Science, pages 40-49. Springer, 1994.
[564] TillichZ-eurocrypt08
J.-P. Tillich and G. Zémor. Collisions for the LPS Expander Graph Hash Function. In N. Smart, editor, Advances in Cryptology - EUROCRYPT 2008, Proceedings, volume 4965 of Lecture Notes in Computer Science, pages 254-269. Springer, 2008.
[565] Tsudik-infocom92
G. Tsudik. Message Authentication with One-Way Hash Functions. In INFOCOM '92, Proceedings, pages 2055-2059, 1992.
[566] TuranU-indocrypt10
M. S. Turan and E. Uyan. Near-Collisions for the Reduced Round Versions of Some Second Round SHA-3 Compression Functions Using Hill Climbing. In G. Gong and K. C. Gupta, editors, Progress in Cryptology - INDOCRYPT 2010, Proceedings, volume 6498 of Lecture Notes in Computer Science, pages 131-143. Springer, 2010.
[567] VabekJBT-indocrypt08
J. Vábek, D. Joscák, M. Bohácek, and J. Tuma. A New Type of 2-Block Collisions in MD5. In D. R. Chowdhury, V. Rijmen, and A. Das, editors, Progress in Cryptology - INDOCRYPT 2008, Proceedings, volume 5365 of Lecture Notes in Computer Science, pages 78-90. Springer, 2008.
[568] OorschotW-ccs94
P. C. van Oorschot and M. J. Wiener. Parallel Collision Search with Application to Hash Functions and Discrete Logarithms. In ACM Conference on Computer and Communications Security 1994, Proceedings, pages 210-218. ACM, 1994.
[569] OorschotW-joc99
P. C. van Oorschot and M. J. Wiener. Parallel Collision Search with Cryptanalytic Applications. Journal of Cryptology, 12(1):1-28, 1999.
[570] Vaudenay-crypto92
S. Vaudenay. FFT-Hash-II is not yet Collision-free. In E. F. Brickell, editor, Advances in Cryptology - CRYPTO '92, Proceedings, volume 740 of Lecture Notes in Computer Science, pages 587-593. Springer, 1993.
[571] Vaudenay-fse94
S. Vaudenay. On the Need for Multipermutations: Cryptanalysis of MD4 and SAFER. In B. Preneel, editor, Fast Software Encryption 1994, Proceedings, volume 1008 of Lecture Notes in Computer Science, pages 286-297. Springer, 1995.
[572] Vaudenay-crypto96
S. Vaudenay. Hidden Collisions on DSS. In N. Koblitz, editor, Advances in Cryptology - CRYPTO '96, Proceedings, volume 1109 of Lecture Notes in Computer Science, pages 83-88. Springer, 1996.
[573] Wagner-asiacrypt00
D. Wagner. Cryptanalysis of the Yi-Lam Hash. In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT 2000, Proceedings, volume 1976 of Lecture Notes in Computer Science, pages 483-488. Springer, 2000.
[574] Wagner-crypto02
D. Wagner. A Generalized Birthday Problem. In M. Yung, editor, Advances in Cryptology - CRYPTO 2002, Proceedings, volume 2442 of Lecture Notes in Computer Science, pages 288-303. Springer, 2002.
[575] WagnerG-asiacrypt00
D. Wagner and I. Goldberg. Proofs of Security for the Unix Password Hashing Algorithm. In T. Okamoto, editor, Advances in Cryptology - ASIACRYPT 2000, Proceedings, volume 1976 of Lecture Notes in Computer Science, pages 560-572. Springer, 2000.
[576] WangW-africacrypt09
G. Wang and S. Wang. Second Preimage Attack on 5-Pass HAVAL and Partial Key-Recovery Attack on HMAC/NMAC-5-Pass HAVAL. In B. Preneel, editor, Progress in Cryptology - AFRICACRYPT 2009, Proceedings, volume 5580 of Lecture Notes in Computer Science, pages 1-13. Springer, 2009.
[577] WangS-fse10
L. Wang and Y. Sasaki. Finding Preimages of Tiger Up to 23 Steps. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 116-133. Springer, 2010.
[578] WangSKOS-ctrsa11
L. Wang, Y. Sasaki, W. Komatsubara, K. Ohta, and K. Sakiyama. (Second) Preimage Attacks on Step-Reduced RIPEMD/RIPEMD-128 with a New Local-Collision Approach. In A. Kiayias, editor, Topics in Cryptology - CT-RSA 2011, Proceedings, volume 6558 of Lecture Notes in Computer Science, pages 197-212. Springer, 2011.
[579] WangLFCY-eurocrypt05
X. Wang, X. Lai, D. Feng, H. Chen, and X. Yu. Cryptanalysis of the Hash Functions MD4 and RIPEMD. In R. Cramer, editor, Advances in Cryptology - EUROCRYPT 2005, Proceedings, volume 3494 of Lecture Notes in Computer Science, pages 1-18. Springer, 2005.
[580] WangYY-crypto05a
X. Wang, Y. L. Yin, and H. Yu. Finding Collisions in the Full SHA-1. In V. Shoup, editor, Advances in Cryptology - CRYPTO 2005, Proceedings, volume 3621 of Lecture Notes in Computer Science, pages 17-36. Springer, 2005.
[581] WangY-eurocrypt05
X. Wang and H. Yu. How to Break MD5 and Other Hash Functions. In R. Cramer, editor, Advances in Cryptology - EUROCRYPT 2005, Proceedings, volume 3494 of Lecture Notes in Computer Science, pages 19-35. Springer, 2005.
[582] WangYWZZ-eurocrypt09
X. Wang, H. Yu, W. Wang, H. Zhang, and T. Zhan. Cryptanalysis on HMAC/NMAC-MD5 and MD5-MAC. In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 121-133. Springer, 2009.
[583] WangYY-crypto05
X. Wang, H. Yu, and Y. L. Yin. Efficient Collision Search Attacks on SHA-0. In V. Shoup, editor, Advances in Cryptology - CRYPTO 2005, Proceedings, volume 3621 of Lecture Notes in Computer Science, pages 1-16. Springer, 2005.
[584] Watanabe-unpub06
D. Watanabe. A note on the security proof of Knudsen-Preneel construction of a hash function. Unpublished manuscript, 2006. Available: http://csrc.nist.gov/groups/ST/hash/documents/WATANABE_kp_attack.pdf (2008/07/18).
[585] WatanabeHYK-fse10
D. Watanabe, Y. Hatano, T. Yamada, and T. Kaneko. Higher Order Differential Attack on Step-Reduced Variants of uffa v1. In S. Hong and T. Iwata, editors, Fast Software Encryption 2010, Proceedings, volume 6147 of Lecture Notes in Computer Science, pages 270-285. Springer, 2010.
[586] WegmanC-jcss81
M. N. Wegman and L. Carter. New Hash Functions and Their Use in Authentication and Set Equality. Journal of Computer and System Sciences, 22(3):265-279, 1981.
[587] Wenzel-BennerG-ches10
C. Wenzel-Benner and J. Gräf. XBX: eXternal Benchmarking eXtension for the SUPERCOP Crypto Benchmarking Framework. In S. Mangard and F.-X. Standaert, editors, Cryptographic Hardware and Embedded Systems 2010, Proceedings, volume 6225 of Lecture Notes in Computer Science, pages 294-305. Springer, 2010.
[588] WhitingS-ctrsa03
D. L. Whiting and M. J. Sabin. Montgomery Prime Hashing for Message Authentication. In M. Joye, editor, Topics in Cryptology - CT-RSA 2003, Proceedings, volume 2612 of Lecture Notes in Computer Science, pages 50-67. Springer, 2003.
[589] Winternitz-ssp84
R. S. Winternitz. A Secure One-Way Hash Function Built from DES. In IEEE Symposium on Security and Privacy, pages 88-90, 1984.
[590] Winternitz-crypto83
R. S. Winternitz. Producing a One-Way Hash Function from DES. In D. Chaum, editor, Advances in Cryptology - Proceedings of CRYPTO '83, Proceedings, pages 203-207. Plenum Press, New York, 1984.
[591] WuFW-sac09
S. Wu, D. Feng, and W. Wu. Cryptanalysis of the LANE Hash Function. In M. J. Jacobson Jr., V. Rijmen, and R. Safavi-Naini, editors, Selected Areas in Cryptography 2009, Proceedings, volume 5867 of Lecture Notes in Computer Science, pages 126-140. Springer, 2009.
[592] WuFW-icisc09
S. Wu, D. Feng, and W. Wu. Practical Rebound Attack on 12-Round Cheetah-256. In D. Lee and S. Hong, editors, Information Security and Cryptology - ICISC 2009, Proceedings, volume 5984 of Lecture Notes in Computer Science, pages 300-314. Springer, 2010.
[593] YajimaSNISKO-acisp07
J. Yajima, Y. Sasaki, Y. Naito, T. Iwasaki, T. Shimoyama, N. Kunihiro, and K. Ohta. A New Strategy for Finding a Differential Path of SHA-1. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 45-58. Springer, 2007.
[594] Yasuda-asiacrypt07
K. Yasuda. Boosting Merkle-Damgård Hashing for Message Authentication. In K. Kurosawa, editor, Advances in Cryptology - ASIACRYPT 2007, Proceedings, volume 4833 of Lecture Notes in Computer Science, pages 216-231. Springer, 2007.
[595] Yasuda-indocrypt07
K. Yasuda. Multilane HMAC - Security beyond the Birthday Limit. In K. Srinathan, C. P. Rangan, and M. Yung, editors, Progress in Cryptology - INDOCRYPT 2007, Proceedings, volume 4859 of Lecture Notes in Computer Science, pages 18-32. Springer, 2007.
[596] Yasuda-acisp07
K. Yasuda. "Sandwich" Is Indeed Secure: How to Authenticate a Message with Just One Hashing. In J. Pieprzyk, H. Ghodosi, and E. Dawson, editors, Australasian Conference on Information Security and Privacy (ACISP) 2007, Proceedings, volume 4586 of Lecture Notes in Computer Science, pages 355-369. Springer, 2007.
[597] Yasuda-asiacrypt08
K. Yasuda. How to Fill Up Merkle-Damgård Hash Functions. In J. Pieprzyk, editor, Advances in Cryptology - ASIACRYPT 2008, Proceedings, volume 5350 of Lecture Notes in Computer Science, pages 272-289. Springer, 2008.
[598] Yasuda-eurocrypt09
K. Yasuda. A Double-Piped Mode of Operation for MACs, PRFs and PROs: Security beyond the Birthday Barrier. In A. Joux, editor, Advances in Cryptology - EUROCRYPT 2009, Proceedings, volume 5479 of Lecture Notes in Computer Science, pages 242-259. Springer, 2009.
[599] Yasuda-isc09
K. Yasuda. HMAC without the "Second" Key. In P. Samarati, M. Yung, F. Martinelli, and C. A. Ardagna, editors, Information Security Conference (ISC) 2009, Proceedings, volume 5735 of Lecture Notes in Computer Science, pages 443-458. Springer, 2009.
[600] YiL-acisp97
X. Yi and K.-Y. Lam. A New Hash Function Based on Block Cipher. In V. Varadharajan, J. Pieprzyk, and Y. Mu, editors, Australasian Conference on Information Security and Privacy (ACISP) '97, Proceedings, volume 1270 of Lecture Notes in Computer Science, pages 139-146. Springer, 1997.
[601] YoonSR-icisc98
J. W. Yoon, S. U. Shin, and K. H. Rhee. A secure hash function based on cellular automata. In The 1st International Conference on Information Security and Cryptology '98, Proceedings, pages 93-105. Korea Institute of Information Security and Cryptology (KIISC), 1998.
[602] YoshidaB-sac05
H. Yoshida and A. Biryukov. Analysis of a SHA-256 Variant. In B. Preneel and S. E. Tavares, editors, Selected Areas in Cryptography 2005, Proceedings, volume 3897 of Lecture Notes in Computer Science, pages 245-260. Springer, 2006.
[603] YoshidaBP-nist05
H. Yoshida, A. Biryukov, and B. Preneel. Some Applications of the Biham-Chen Attack to SHA-like Hash Functions. Presented at NIST Cryptographic Hash Workshop, October 31-November 1, 2005, Gaithersburg, Maryland, USA.
[604] YoshidaWOKWKP-ches07
H. Yoshida, D. Watanabe, K. Okeya, J. Kitahara, H. Wu, Ö. Küçük, and B. Preneel. MAME: A Compression Function with Reduced Hardware Requirements. In P. Paillier and I. Verbauwhede, editors, Cryptographic Hardware and Embedded Systems - CHES 2007, Proceedings, volume 4727 of Lecture Notes in Computer Science, pages 148-165. Springer, 2007.
[605] YuWZW-cans05
H. Yu, G. Wang, G. Zhang, and X. Wang. The Second-Preimage Attack on MD4. In Y. Desmedt, H. Wang, Y. Mu, and Y. Li, editors, Cryptology and Network Security (CANS) 2005, Proceedings, volume 3810 of Lecture Notes in Computer Science, pages 1-12. Springer, 2005.
[606] YuW-icisc07
H. Yu and X. Wang. Multi-collision Attack on the Compression Functions of MD4 and 3-Pass HAVAL. In K.-H. Nam and G. Rhee, editors, Information Security and Cryptology - ICISC 2007, Proceedings, volume 4817 of Lecture Notes in Computer Science, pages 206-226. Springer, 2007.
[607] YuW-acisp09
H. Yu and X. Wang. Distinguishing Attack on the Secret-Prefix MAC Based on the 39-Step SHA-256. In C. Boyd and J. G. Nieto, editors, Australasian Conference on Information Security and Privacy (ACISP) 2009, Proceedings, volume 5594 of Lecture Notes in Computer Science, pages 185-201. Springer, 2009.
[608] YuW-acisp11
H. Yu and X. Wang. Cryptanalysis of the Compression Function of SIMD. In U. Parampalli and P. Hawkes, editors, Australasian Conference on Information Security and Privacy (ACISP) 2011, Proceedings, volume 6812 of Lecture Notes in Computer Science, pages 157-171. Springer, 2011.
[609] YuWYP-fse06
H. Yu, X. Wang, A. Yun, and S. Park. Cryptanalysis of the Full HAVAL with 4 and 5 Passes. In M. J. B. Robshaw, editor, Fast Software Encryption 2006, Proceedings, volume 4047 of Lecture Notes in Computer Science, pages 89-110. Springer, 2006.
[610] YunSPCHC-icisc05
A. Yun, S. H. Sung, S. Park, D. Chang, S. Hong, and H.-S. Cho. Finding Collision on 45-Step HAS-160. In D. Won and S. Kim, editors, Information Security and Cryptology - ICISC 2005, Proceedings, volume 3935 of Lecture Notes in Computer Science, pages 146-155. Springer, 2006.
[611] Yuval-cryptologia79
G. Yuval. How to swindle Rabin. Cryptologia, 3(3):187-189, 1979.
[612] Zemor-dcc94
G. Zémor. Hash Functions and Cayley Graphs. Designs, Codes and Cryptography, 4(4):381-394, 1994.
[613] ZhengHP-asiacrypt91
Y. Zheng, T. Hardjono, and J. Pieprzyk. Sibling Intractable Function Families and Their Applications (Extended Abstract). In H. Imai, R. L. Rivest, and T. Matsumoto, editors, Advances in Cryptology - ASIACRYPT '91, Proceedings, volume 739 of Lecture Notes in Computer Science, pages 124-138. Springer, 1993.
[614] ZhengMI-ieice90
Y. Zheng, T. Matsumoto, and H. Imai. Connections among Several Versions of One-Way Hash Functions. The Transactions of the IEICE (Special Issue on Cryptography and Information Security), E73(7):1092-1099, 1990.
[615] ZhengMI-crypto90
Y. Zheng, T. Matsumoto, and H. Imai. Structural Properties of One-way Hash Functions. In A. Menezes and S. A. Vanstone, editors, Advances in Cryptology - CRYPTO '90, Proceedings, volume 537 of Lecture Notes in Computer Science, pages 285-302. Springer, 1991.
[616] ZhengPS-asiacrypt92
Y. Zheng, J. Pieprzyk, and J. Seberry. HAVAL - A One-Way Hashing Algorithm with Variable Length of Output. In J. Seberry and Y. Zheng, editors, Advances in Cryptology - ASIACRYPT '92, Proceedings, volume 718 of Lecture Notes in Computer Science, pages 83-104. Springer, 1993.
[617] Zoltak-fse04
B. Zoltak. VMPC One-Way Function and Stream Cipher. In B. K. Roy and W. Meier, editors, Fast Software Encryption 2004, Proceedings, volume 3017 of Lecture Notes in Computer Science, pages 210-225. Springer, 2004.
Valid HTML 4.01 StrictSøren S. Thomsen. Last update 23 November, 2011.