Paper 2013/415

SL2 homomorphic hash functions: Worst case to average case reduction and short collision search

Ciaran Mullan and Boaz Tsaban

Abstract

We study homomorphic hash functions into SL(2,q), the 2x2 matrices with determinant 1 over the field with $q$ elements. Modulo a well supported number theoretic hypothesis, which holds in particular for concrete homomorphisms proposed thus far, we provide a worst case to average case reduction for these hash functions: upto a logarithmic factor, a random homomorphism is as secure as _any_ concrete homomorphism. For a family of homomorphisms containing several concrete proposals in the literature, we prove that collisions of length O(log(q)) can be found in running time O(sqrt(q)). For general homomorphisms we offer an algorithm that, heuristically and according to experiments, in running time O(sqrt(q)) finds collisions of length O(log(q)) for q even, and length O(log^2(q)/loglog(q))$ for arbitrary q. While exponetial time, our algorithms are faster in practice than all earlier generic algorithms, and produce much shorter collisions.

Note: To appear in Designs Codes and Cryptography

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Unknown status
Keywords
SL2 hashhomomorphic hash
Contact author(s)
tsaban @ math biu ac il
History
2015-11-02: revised
2013-06-25: received
See all versions
Short URL
https://ia.cr/2013/415
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/415,
      author = {Ciaran Mullan and Boaz Tsaban},
      title = {{SL2}  homomorphic hash functions: Worst case to average case reduction and  short collision search},
      howpublished = {Cryptology {ePrint} Archive, Paper 2013/415},
      year = {2013},
      url = {https://eprint.iacr.org/2013/415}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.