Hash Function Designs Based on Stream Ciphers

Hash function are fundamental components of many cryptographic applications such as digital signatures, random number generation, integrity protection, e-cash etc. Employing hash functions for these applications both increase the security and improve the efficiency of these systems. However, availability of any weaknesses in hash function designs is a very serious threat against the security of these applications.

MD5, SHA-1 and RIPEMD are widely used hash functions especially in SSL, PGP, S/MINE, SSH and SFTP applications. The design of these hash functions are based on the hash function MD4 as they iteratively use a compression function that inputs state variable and a fixed length block, and outputs another fixed length block. The strength of these hash functions is based on the collision-resistance property of the compression function.

Recently, many attacks against hash functions having similar construction to MD4 are proposed. Nowadays, these constructions are not considered to provide sufficient level of security against collision resistance. These recent studies motivated National Institute of Standards and Technology (NIST) to announce a public competition to select a new cryptographic hash function to be used as the new standard. It is commonly believed that many alternative design approaches are going to be proposed for the competition. Designing hash functions based on stream ciphers is a good approach due to the efficiency and the speed of these ciphers.

Panama is the first hash function based on a stream cipher. However, an attack against Panama is proposed, thereafter RadioGatun, an improved version of Panama, is proposed and claimed to offer better security than MD4 primitives. In this approach, iterative use of a simple round function and inclusion of input blocks are proposed. After inclusion of all input blocks, the state is updated a number of times without producing any output. Another hash function RC4-Hash is based on the very popular stream cipher RC4.

We propose a new experimental hash function based on the stream cipher Dragon designed by Dawson et al. Details are available in our paper : "Hash Function Designs Based on Stream Ciphers" which is a joint work with Ozgur Ozugur and Onur Kurt, presented in the national conferance "Bilgi Güvenliği ve Kriptoloji Konferansi" Ankara, 2007. Please contact for the pdf.