Abstract
We propose a flexible, fairly general coding for tree hash modes. The coding does not define a tree hash mode; instead, it specifies how to format the message blocks and chaining values into inputs to the underlying function for any topology, including sequential hashing. The main benefit is to avoid input clashes between different tree-growing strategies, even before the hashing modes are defined, and to make the SHA-3 standard tree-hashing ready.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Bertoni, G., Daemen, J., Peeters, M., Van Assche, G. (2014). Sakura: A Flexible Coding for Tree Hashing. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds) Applied Cryptography and Network Security. ACNS 2014. Lecture Notes in Computer Science, vol 8479. Springer, Cham. https://doi.org/10.1007/978-3-319-07536-5_14
DOI: https://doi.org/10.1007/978-3-319-07536-5_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07535-8
Online ISBN: 978-3-319-07536-5
eBook Packages: Computer Science (R0)