Re: hash function
From: Aldar C-F. Chan (aldar_at_comm.utoronto.ca)
Date: 02/22/05
- Next message: jstevh_at_msn.com: "Re: Real algorithm, surrogate factoring"
- Previous message: Anne & Lynn Wheeler: "Re: Adversarial Testing, was Re: Thou shalt have no"
- In reply to: David Wagner: "Re: hash function"
- Next in thread: David Wagner: "Re: hash function"
- Reply: David Wagner: "Re: hash function"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 22 Feb 2005 01:01:05 GMT
> I don't understand what you mean. The PRF algorithm is public. The only
> thing secret is the key.
>
> If you use a hash, the same will be true. The hash algorithm will be
> public. The only thing secret will be the key ("a", in your terminology).
>
Wait a minute. I am afraid we are not talking about the same thing.
In more details, I am considering the following:
Suppose there is a group of people some of which know a secret x
while the rest don't. For each one of the rest, say i, he is given
a_i and y_i=h(x||a_i). Those a_i (a in my original notation) could be
public. Anyone, even those having no knowledge of x, should be
able to evaluate h( ). I want to make sure that people having
(a_i, y_i) should not be able to find x (or, at the best, a collision of
x).
When I said public, I really meant h( ) can be publicly evaluated!! So
PRF does not fit. Who can evaluate it without knowing k?
What I have in mind is a preimage-resistant hash function h( ) that have a
slightly stronger security in that given an image y under h( ), and part of
whose pre-image (a), it is still hard to find the unexposed part of the
preimage (x). Another reply from Jean was addressing the same thing.
Don't why our discussions went on like this !?!
> I recommend against building your own funny construction. That way is
> error-prone. Use a standard primitive whereever you can.
This is kind of common sense 101; everyone knows this. If a standard
primitive could help, who would bother to create a FUNNY construction?
Your comments and suggestions are really very appreciated. If I didn't
speak
in the right tone, please accept my apology.
- Next message: jstevh_at_msn.com: "Re: Real algorithm, surrogate factoring"
- Previous message: Anne & Lynn Wheeler: "Re: Adversarial Testing, was Re: Thou shalt have no"
- In reply to: David Wagner: "Re: hash function"
- Next in thread: David Wagner: "Re: hash function"
- Reply: David Wagner: "Re: hash function"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
