Questions tagged [hash]
A cryptographic hash algorithm is a function which takes a variable size input and produces a fixed size output. The algorithm makes it difficult to find two inputs with the same output or reconstruct the input from the output.
3,115 questions
0 votes, 0 answers, 45 views
Universal one-way function from Rule 110 cellular automaton?
Are you aware of any examples of universal one-way function construction using a cellular automaton (for instance Turing-complete Rule 110) or of any sufficiently strong cryptographic hash function ...
5 votes, 0 answers, 120 views
Hash function with lightweight ZKP of a preimage
For a standard hash function $H$ like SHA-256, one can choose a secret message $M$, compute and publish $h=H(M)$, then prove knowledge of the preimage $M$ in zero knowledge [that is without disclosing ...
2 votes, 3 answers, 289 views
Keccak SHAKE subsequent fetch can be considered as valid PRNG?
I have read the Keccak team document about PRNG.
When you hash with Keccak SHAKE the amount of random bytes you wish to return is unlimited, i.e. I can fetch() as ...
1 vote, 0 answers, 68 views
How to determine the algorithm used to generate a 48-byte header for encrypted files? [closed]
I am engaged in the translation of encrypted files. I have several files encrypted in the same way.
The files consist of two parts:
48 byte header example - ...
0 votes, 2 answers, 114 views
How to hash an already client-side hashed password again server-side?
Scenario
Suppose I am designing CoolEncryptedCloudService. My users have a password. Using that password, I need to 1) authenticate users and 2) encrypt their data.
Of course, I don't want to send the ...
4 votes, 2 answers, 141 views
Security strength of DRBG
The security strength of Hash based DRBG (Hash_DRBG and HMAC_DRBG) confuses me.
Which property of Hash determines the security strength of DRBG?
For example, which SHA2 algorithms can be used to ...
1 vote, 0 answers, 80 views
Secure Hash Function [closed]
We need to show $H'(x) =H_1(H_2(x))$ need not be a secure CRHF even if one of $H_1$ or $H_2$ is secure. The case when $H_2$ is insecure is clear as the pair of messages $m,m'$ given as output for $H_2$...
6 votes, 2 answers, 1k views
Is it insecure to use a hash with secret salt instead of a signature?
I have a chunk of data that I need to round-trip through a service that I don't trust, and I want to make sure the data hasn't been tampered with in-transit. I have limited memory and limited storage, ...
1 vote, 0 answers, 49 views
How to convert a universal hash function into an e-almost XOR universal hash function
I have been exploring this short-output universal hash function (the one referred to as digestMW() at the beginning of section 3.3).
Based on a single comment in the paper, I think this hash function ...
2 votes, 1 answer, 188 views
Is omitting the first output in the squeezing phase of a sponge a security risk?
I recently saw a specification of a hash function, which is based on a sponge. The hash function produces a $128$ bit message digest $H(X)$.
Let's assume that $S$ is the final state of the absorbing ...
5 votes, 3 answers, 400 views
A definition for *unkeyed* collision-resistant hash functions?
This question asks if a certain definition of unkeyed collision-resistant hash functions makes sense (i.e., it can be employed in usual security proofs) or, if not, what are its flaws. Some context is ...
1 vote, 0 answers, 64 views
How to locate and audit the Layer-3 scrambling (masking/hash/PRNG) function and seed in Pret-a-voter or similar secure voting system source code? [closed]
I am performing a cryptographic audit and reconstruction for a secure voting system inspired by Pret-a-voter.
I currently have access to deterministic PRF mapping (Layer-1) and modulo/checksum filter (...
0 votes, 0 answers, 68 views
Preimage attack on FNV hash with multiple known initial and hash pairs
For a 64-bit Fowler–Noll–Vo non-cryptographic hash function variant, where the same message is hashed against multiple known initial values (FNV offset basis) and concatenated into a longer hash, is there a ...
0 votes, 1 answer, 61 views
Security impact of partial key knowledge for stateful hash-based signatures
Let us consider a stateful hash-based signature scheme (e.g. LMS or XMSS) with an $n$-bit hash function where each signature is composed of $x$ hash chains.
Assuming an attacker has knowledge of $y &...
2 votes, 1 answer, 84 views
Is ParallelHash XOF (part of SHA-3) seekable? Does it serve to preserve the full (or most) entropy of a large input when generating the output?
There is ParallelHash, a derived function part of SHA-3.
It acts like an Extendable-output function (XOF) that can use multiple threads in multi-core CPUs.
I can generate a (maybe) infinite keystream ...