Expedient Non-malleability Notions for Hash Functions

Non-malleability of a cryptographic primitive is a fundamental security property which ensures some sort of independence of cryptographic values. The notion has been extensively studied for commitments, encryption and zero-knowledge proofs, but it was not until recently that the notion, and its peculiarities, have been considered for hash functions by Boldyreva et al. (Asiacrypt 2009). They give a simulation-based definition, basically saying that for any adversary mauling hash values into related ones there is a simulator which is as successful in producing such hash values, even when not seeing the original hash values. Their notion, although following previous approaches to non-malleability, is nonetheless quite unwieldy; it is hard to achieve and, due to the existential quantification over the simulator, hard to falsify. We also note that finding an equivalent indistinguishability-based notion is still open. Here we take a different, more handy approach to non-malleability o...
Added 27 Aug 2011
Updated 27 Aug 2011
Type Journal
Year 2011
Authors Paul Baecher, Marc Fischlin, Dominique Schröder