Elliptic Curve Multiset Hash

dc.creatorMaitin-Shepard
dc.creatorJeremy; Tibouchi
dc.creatorMehdi; Aranha
dc.creatorDiego F.
dc.date2017
dc.datemar
dc.date2017-11-13T11:31:15Z
dc.date2017-11-13T11:31:15Z
dc.date.accessioned2018-03-29T05:46:14Z
dc.date.available2018-03-29T05:46:14Z
dc.identifierComputer Journal. Oxford Univ Press , v. 60, p. 476 - 490, 2017.
dc.identifier0010-4620
dc.identifier1460-2067
dc.identifierWOS:000397192400002
dc.identifier10.1093/comjnl/bxw053
dc.identifierhttps://academic.oup.com/comjnl/article/2608055
dc.identifierhttp://repositorio.unicamp.br/jspui/handle/REPOSIP/325877
dc.identifier.urihttp://repositorioslatinoamericanos.uchile.cl/handle/2250/1362883
dc.descriptionA multiset hash function associates a hash value to arbitrary collections of objects with possible repetitions. Such a hash function is said to be homomorphic, or incremental, when the hash of the union of two collections is easy to compute from the hashes of the two collections themselves: it is usually their sum under a suitable group operation. In particular, hash values of large collections can be computed incrementally and/or in parallel. This makes homomorphic hashing a very useful primitive, with applications ranging from database integrity verification to streaming set/multiset comparison and network coding. Unfortunately, constructions of homomorphic hash functions proposed in the literature are hampered by two main drawbacks. They tend to be much longer than usual hash functions at the same security level (e.g. to achieve a collision resistance of 2128, they are several thousand bits long, as opposed to 256 bits for usual hash functions), and they are also quite slow. In this paper, we introduce the Elliptic Curve Multiset Hash (ECMH), which combines a usual bit string-valued hash function like BLAKE2 with an efficient encoding into binary elliptic curves to overcome both difficulties. On the one hand, the size of ECMH digests is essentially optimal: 2m-bit hash values provide O(2(m)) collision resistance. On the other hand, we demonstrate a highly-efficient software implementation of ECMH, which our thorough empirical evaluation shows to be capable of processing over 3 million set elements per second on a 4 GHz Intel Haswell machine at the 128 bit security level-many times faster than previous practical methods. While incremental hashing based on elliptic curves has been considered previously (Brown, D.R.L. (2008) The encrypted elliptic curve hash. IACR Cryptology ePrint Archive, 2008, 12.), the proposed method was less efficient, susceptible to timing attacks, and potentially patent-encumbered (Brown, D. and Yamada, A. (2007) Method and apparatus for performing validation of elliptic curve public keys. US Patent, 7, 257, 709.), and no practical implementation was demonstrated.
dc.description60
dc.description4
dc.description476
dc.description490
dc.languageEnglish
dc.publisherOxford Univ Press
dc.publisherOxford
dc.relationComputer Journal
dc.rightsfechado
dc.sourceWOS
dc.subjectHomomorphic Hashing
dc.subjectElliptic Curves
dc.subjectEfficient Implementation
dc.subjectGls254
dc.subjectPclmulqdq
dc.titleElliptic Curve Multiset Hash
dc.typeArtículos de revistas


Este ítem pertenece a la siguiente institución