TY - GEN
T1 - Collision-Resistance from Multi-Collision-Resistance
AU - Rothblum, Ron D.
AU - Vasudevan, Prashant Nalini
N1 - Publisher Copyright: © 2022, International Association for Cryptologic Research.
PY - 2022
Y1 - 2022
N2 - Collision-resistant hash functions (CRH ) are a fundamental and ubiquitous cryptographic primitive. Several recent works have studied a relaxation of CRH called t-way multi-collision-resistant hash functions (t- MCRH ). These are families of functions for which it is computationally hard to find a t-way collision, even though such collisions are abundant (and even (t- 1 ) -way collisions may be easy to find). The case of t= 2 corresponds to standard CRH, but it is natural to study t- MCRH for larger values of t. Multi-collision-resistance seems to be a qualitatively weaker property than standard collision-resistance. Nevertheless, in this work we show a non-blackbox transformation of any moderately shrinking t- MCRH, for t∈ { 3, 4 }, into an (infinitely often secure) CRH. This transformation is non-constructive – we can prove the existence of a CRH but cannot explicitly point out a construction. Our result partially extends to larger values of t. In particular, we show that for suitable values of t> t′, we can transform a t- MCRH into a t′ - MCRH, at the cost of reducing the shrinkage of the resulting hash function family and settling for infinitely often security. This result utilizes the list-decodability properties of Reed-Solomon codes.
AB - Collision-resistant hash functions (CRH ) are a fundamental and ubiquitous cryptographic primitive. Several recent works have studied a relaxation of CRH called t-way multi-collision-resistant hash functions (t- MCRH ). These are families of functions for which it is computationally hard to find a t-way collision, even though such collisions are abundant (and even (t- 1 ) -way collisions may be easy to find). The case of t= 2 corresponds to standard CRH, but it is natural to study t- MCRH for larger values of t. Multi-collision-resistance seems to be a qualitatively weaker property than standard collision-resistance. Nevertheless, in this work we show a non-blackbox transformation of any moderately shrinking t- MCRH, for t∈ { 3, 4 }, into an (infinitely often secure) CRH. This transformation is non-constructive – we can prove the existence of a CRH but cannot explicitly point out a construction. Our result partially extends to larger values of t. In particular, we show that for suitable values of t> t′, we can transform a t- MCRH into a t′ - MCRH, at the cost of reducing the shrinkage of the resulting hash function family and settling for infinitely often security. This result utilizes the list-decodability properties of Reed-Solomon codes.
UR - http://www.scopus.com/inward/record.url?scp=85141665483&partnerID=8YFLogxK
U2 - https://doi.org/10.1007/978-3-031-15982-4_17
DO - https://doi.org/10.1007/978-3-031-15982-4_17
M3 - منشور من مؤتمر
SN - 9783031159817
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 503
EP - 529
BT - Advances in Cryptology – CRYPTO 2022 - 42nd Annual International Cryptology Conference, CRYPTO 2022, Proceedings
A2 - Dodis, Yevgeniy
A2 - Shrimpton, Thomas
PB - Springer Science and Business Media Deutschland GmbH
T2 - 42nd Annual International Cryptology Conference, CRYPTO 2022
Y2 - 15 August 2022 through 18 August 2022
ER -