Cryptology ePrint Archive: Report 2010/022
Enhanced Security Notions for Dedicated-Key Hash Functions: Definitions and Relationships
Mohammad Reza Reyhanitabar and Willy Susilo and Yi Mu
Abstract: In this paper, we revisit security notions for dedicated-key hash functions, considering two essential theoretical aspects; namely, formal definitions for security notions, and the relationships among them. Our contribution is twofold. First, we provide a new set of enhanced security notions for dedicated-key hash functions. The provision of this set of enhanced properties has been motivated by the introduction of enhanced target collision resistance (eTCR) property by Halevi and Krawczyk at Crypto 2006. We notice that the eTCR property does not belong to the set of the seven security notions previously investigated by Rogaway and Shrimpton at FSE 2004, namely: Coll, Sec, aSec, eSec, Pre, aPre and ePre.
The fact that eTCR, as a new useful property, is the enhanced variant of the well-known TCR (a.k.a. eSec or UOWHF) property
motivates one to investigate the possibility of providing enhanced variants for the other properties. We provide such an enhanced set of properties. Interestingly, there are six enhanced variants of security notions available, excluding ``ePre'' which can be demonstrated to be non-enhanceable.
As the second and main part of our contribution, we provide a full picture of relationships (i.e. implications and separations) among
the (thirteen) security properties including the (six) enhanced properties and the previously considered seven properties.
The implications and separations are supported by formal proofs (reductions) and/or counterexamples in the concrete-security framework.
Category / Keywords: foundations / hash functions, security notions, definitions, relationships
Publication Info: Accepted at FSE 2010.
Date: received 14 Jan 2010
Contact author: mrr790 at uow edu au
Available formats: PDF | BibTeX Citation
Version: 20100116:062418 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]