Skip to main content
Conference ProceedingsOPEN ACCESS

On the impossibility of efficiently combining collision resistant hash functions

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2006) 4117 LNCS 570-583
DOI: 10.1007/11818175_34
27Citations
Citations of this article
48Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Let H1, H2 be two hash functions. We wish to construct a new hash function H that is collision resistant if at least one of H1 or H2 is collision resistant. Concatenating the output of H1 and H2 clearly works, but at the cost of doubling the hash output size. We ask whether a better construction exists, namely, can we hedge our bets without doubling the size of the output? We take a step towards answering this question in the negative - we show that any secure construction that evaluates each hash function once cannot output fewer bits than simply concatenating the given functions. © International Association for Cryptologic Research 2006.

Cite

CITATION STYLE

APA

Boneh, D., & Boyen, X. (2006). On the impossibility of efficiently combining collision resistant hash functions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4117 LNCS, pp. 570–583). Springer Verlag. https://doi.org/10.1007/11818175_34

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free