> If the data is too big, break it up into pieces and chain these
> constructions together. The output of one block becomes the input "IV"
> of the next block.
I think you mean input *key*. This is essentially the Matyas-Meyer-Oseas
construction, although they define it across two blocks because
On 10/30/05, Arash Partow <[EMAIL PROTECTED]> wrote:
> How does one properly use a symmetric cipher as a cryptographic hash
> function? I seem to be going around in circles.
The usual method is to feed the data into the "key" slot of the
cipher, and to use a fixed IV in the "plaintext" slot. Then,
> Not so... the SHA family are all unbalanced Feistel structures.
Sorry, I guess I am thinking of AES. I don't know where I got the
"doesn't need to be invertible" bit, I must be conflating it with
something else.
He should also take a look at OCB, CCM, and CBC-MAC modes.
Perhaps he intends to h
"Travis H." <[EMAIL PROTECTED]> writes:
>> How does one properly use a symmetric cipher as a cryptographic hash
>> function? I seem to be going around in circles.
>
> Isn't this is like asking a mechanic how to use a screwdriver as a hammer?
Not in the least. Building new strong tools by using ol
In message <[EMAIL PROTECTED]>, "Trav
is H." writes:
>> How does one properly use a symmetric cipher as a cryptographic hash
>> function? I seem to be going around in circles.
>
>Isn't this is like asking a mechanic how to use a screwdriver as a hammer?
Given that we seem to know much more about b
At 01:33 2005-11-01 -0600, Travis H. wrote:
The latest hashes, such as SHA-1, gave up on Feistel.
Not so... the SHA family are all unbalanced Feistel structures.
Basically, for SHA-1 a complex function of 4 words and key material
(in this case expanded data to be hashed) is combined with the
> How does one properly use a symmetric cipher as a cryptographic hash
> function? I seem to be going around in circles.
Isn't this is like asking a mechanic how to use a screwdriver as a hammer?
> Reversing the situation (using the data as the key and a known plain-
> text) makes a plaintext att
Tom Shrimpton (http://www.cs.pdx.edu/~teshrim/) does research in this
area (ie. using block ciphers to build hash functions). See the papers
on his web site; in particular:
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions
from PGV [pdf] [ps]
John Black, Phillip Rogawa
Hi all,
How does one properly use a symmetric cipher as a cryptographic hash
function? I seem to be going around in circles.
Initially I thought you choose some known key and encrypt the data
with the key, using either the encrypted text or the internal state of
the cipher as the hash value, tur