{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T07:37:13Z","timestamp":1725521833563},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540892540"},{"type":"electronic","value":"9783540892557"}],"license":[{"start":{"date-parts":[[2008,1,1]],"date-time":"2008-01-01T00:00:00Z","timestamp":1199145600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2008]]},"DOI":"10.1007\/978-3-540-89255-7_17","type":"book-chapter","created":{"date-parts":[[2008,12,1]],"date-time":"2008-12-01T07:27:00Z","timestamp":1228116420000},"page":"272-289","source":"Crossref","is-referenced-by-count":11,"title":["How to Fill Up Merkle-Damg\u00e5rd Hash Functions"],"prefix":"10.1007","author":[{"given":"Kan","family":"Yasuda","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"17_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1007\/978-3-540-78967-3_16","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"E. Andreeva","year":"2008","unstructured":"Andreeva, E., Bouillaguet, C., Fouque, P.A., Hoch, J.J., Kelsey, J., Shamir, A., Zimmer, S.: Second preimage attacks on dithered hash functions. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol.\u00a04965, pp. 270\u2013288. Springer, Heidelberg (2008)"},{"key":"17_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/978-3-540-76900-2_8","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"E. Andreeva","year":"2007","unstructured":"Andreeva, E., Neven, G., Preneel, B., Shrimpton, T.: Seven-property-preserving iterated hashing: ROX. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol.\u00a04833, pp. 130\u2013146. Springer, Heidelberg (2007)"},{"key":"17_CR3","unstructured":"Andreeva, E., Preneel, B.: A three-property-secure hash function. In: Avanzi, R., Keliher, L., Sica, F. (eds.) SAC 2008. Workshop Records, pp. 208\u2013224 (2008)"},{"key":"17_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/978-3-540-71039-4_28","volume-title":"Fast Software Encryption","author":"E. Biham","year":"2008","unstructured":"Biham, E.: New techniques for cryptanalysis of hash functions and improved attacks on Snefru. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol.\u00a05086, pp. 444\u2013461. Springer, Heidelberg (2008)"},{"key":"17_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1007\/978-3-540-24676-3_24","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"M. Bellare","year":"2004","unstructured":"Bellare, M., Kohno, T.: Hash function balance and its impact on birthday attacks. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 401\u2013418. Springer, Heidelberg (2004)"},{"key":"17_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"399","DOI":"10.1007\/978-3-540-73420-8_36","volume-title":"Automata, Languages and Programming","author":"M. Bellare","year":"2007","unstructured":"Bellare, M., Ristenpart, T.: Hash functions in the dedicated-key setting: Design choices and MPP transforms. In: Arge, L., Cachin, C., Jurdzi\u0144ski, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol.\u00a04596, pp. 399\u2013410. Springer, Heidelberg (2007)"},{"key":"17_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1007\/11535218_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"J.S. Coron","year":"2005","unstructured":"Coron, J.S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damg\u00e5rd revisited: How to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 430\u2013448. Springer, Heidelberg (2005)"},{"key":"17_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"I. Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 416\u2013427. Springer, Heidelberg (1990)"},{"key":"17_CR9","unstructured":"Dean, R.D.: Formal Aspects of Mobile Code Security. PhD thesis, Princeton University (1999)"},{"key":"17_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-540-68914-0_10","volume-title":"Applied Cryptography and Network Security","author":"Y. Dodis","year":"2008","unstructured":"Dodis, Y., Puniya, P.: Getting the best out of existing hash functions; or what if we are stuck with SHA? In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol.\u00a05037, pp. 156\u2013173. Springer, Heidelberg (2008)"},{"key":"17_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/978-3-540-79263-5_3","volume-title":"Topics in Cryptology \u2013 CT-RSA 2008","author":"P. Gauravaram","year":"2008","unstructured":"Gauravaram, P., Kelsey, J.: Linear-XOR and additive checksums don\u2019t protect Damg\u00e5rd-Merkle hashes from generic attacks. In: Malkin, T.G. (ed.) CT-RSA 2008. LNCS, vol.\u00a04964, pp. 36\u201351. Springer, Heidelberg (2008)"},{"key":"17_CR12","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511721656","volume-title":"The Foundations of Cryptography","author":"O. Goldreich","year":"2004","unstructured":"Goldreich, O.: The Foundations of Cryptography, vol.\u00a02. Cambridge University Press, Cambridge (2004)"},{"key":"17_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"41","DOI":"10.1007\/11818175_3","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"S. Halevi","year":"2006","unstructured":"Halevi, S., Krawczyk, H.: Strengthening digital signatures via randomized hashing. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol.\u00a04117, pp. 41\u201359. Springer, Heidelberg (2006)"},{"key":"17_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"201","DOI":"10.1007\/978-3-540-30539-2_15","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"D. Hong","year":"2004","unstructured":"Hong, D., Preneel, B., Lee, S.: Higher order universal one-way hash functions. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol.\u00a03329, pp. 201\u2013213. Springer, Heidelberg (2004)"},{"key":"17_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1007\/978-3-540-28628-8_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"A. Joux","year":"2004","unstructured":"Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, pp. 306\u2013316. Springer, Heidelberg (2004)"},{"key":"17_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/11761679_12","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"J. Kelsey","year":"2006","unstructured":"Kelsey, J., Kohno, T.: Herding hash functions and the Nostradamus attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol.\u00a04004, pp. 183\u2013200. Springer, Heidelberg (2006)"},{"key":"17_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/11426639_28","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"J. Kelsey","year":"2005","unstructured":"Kelsey, J., Schneier, B.: Second preimages on n-bit hash functions for much less than 2 n work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 474\u2013490. Springer, Heidelberg (2005)"},{"key":"17_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/978-3-540-71039-4_26","volume-title":"Fast Software Encryption","author":"G. Leurent","year":"2008","unstructured":"Leurent, G.: MD4 is not one-way. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol.\u00a05086, pp. 412\u2013428. Springer, Heidelberg (2008)"},{"key":"17_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/3-540-47555-9_5","volume-title":"Advances in Cryptology - EUROCRYPT \u201992","author":"X. Lai","year":"1993","unstructured":"Lai, X., Massey, J.L.: Hash function based on block ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol.\u00a0658, pp. 55\u201370. Springer, Heidelberg (1993)"},{"key":"17_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/11593447_26","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"S. Lucks","year":"2005","unstructured":"Lucks, S.: A failure-friendly design principle for hash functions. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol.\u00a03788, pp. 474\u2013494. Springer, Heidelberg (2005)"},{"key":"17_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/0-387-34805-0_40","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R.C. Merkle","year":"1990","unstructured":"Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 428\u2013446. Springer, Heidelberg (1990)"},{"key":"17_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"166","DOI":"10.1007\/3-540-44987-6_11","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"I. Mironov","year":"2001","unstructured":"Mironov, I.: Hash functions: From Merkle-Damg\u00e5rd to Shoup. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 166\u2013181. Springer, Heidelberg (2001)"},{"key":"17_CR23","doi-asserted-by":"publisher","DOI":"10.1201\/9781439821916","volume-title":"Handbook of Applied Cryptography","author":"A.J. Menezes","year":"1996","unstructured":"Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)"},{"key":"17_CR24","unstructured":"NIST: Secure Hash Standard. FIPS 180-1 (1995)"},{"key":"17_CR25","first-page":"33","volume-title":"ACM 21st STOC","author":"M. Naor","year":"1989","unstructured":"Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: ACM 21st STOC, pp. 33\u201343. ACM, New York (1989)"},{"key":"17_CR26","unstructured":"Puniya, P.: New Design Criteria for Hash Functions and Block Ciphers. PhD thesis, New York University (2007)"},{"key":"17_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"303","DOI":"10.1007\/3-540-38424-3_22","volume-title":"Advances in Cryptology - CRYPTO \u201990","author":"R.L. Rivest","year":"1991","unstructured":"Rivest, R.L.: The MD4 message digest algorithm. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol.\u00a0537, pp. 303\u2013311. Springer, Heidelberg (1991)"},{"key":"17_CR28","doi-asserted-by":"crossref","unstructured":"Rivest, R.L.: The MD5 Message-Digest Algorithm. RFC 1321. IETF (1992)","DOI":"10.17487\/rfc1321"},{"key":"17_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/11958239_14","volume-title":"Progress in Cryptology - VIETCRYPT 2006","author":"P. Rogaway","year":"2006","unstructured":"Rogaway, P.: Formalizing human ignorance: Collision-resistant hashing without the keys. In: Nguy\u00ean, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol.\u00a04341, pp. 211\u2013228. Springer, Heidelberg (2006)"},{"key":"17_CR30","first-page":"387","volume-title":"ACM 22nd STOC","author":"J. Rompel","year":"1990","unstructured":"Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: ACM 22nd STOC, pp. 387\u2013394. ACM, New York (1990)"},{"key":"17_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-540-25937-4_24","volume-title":"Fast Software Encryption","author":"P. Rogaway","year":"2004","unstructured":"Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol.\u00a03017, pp. 371\u2013388. Springer, Heidelberg (2004)"},{"key":"17_CR32","volume-title":"Applied Cryptography","author":"B. Schneier","year":"1996","unstructured":"Schneier, B.: Applied Cryptography, 2nd edn. John Wiley & Sons, Chichester (1996)","edition":"2"},{"key":"17_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"445","DOI":"10.1007\/3-540-45539-6_32","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"V. Shoup","year":"2000","unstructured":"Shoup, V.: A composition theorem for universal one-way hash functions. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol.\u00a01807, pp. 445\u2013452. Springer, Heidelberg (2000)"},{"key":"17_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1007\/BFb0054137","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"D.R. Simon","year":"1998","unstructured":"Simon, D.R.: Finding collisions on a one-way street: Can secure hash functions be based on general assumptions? In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 334\u2013345. Springer, Heidelberg (1998)"},{"key":"17_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-72540-4_1","volume-title":"Advances in Cryptology - EUROCRYPT 2007","author":"M. Stevens","year":"2007","unstructured":"Stevens, M., Lenstra, A.K., de Weger, B.: Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol.\u00a04515, pp. 1\u201322. Springer, Heidelberg (2007)"},{"issue":"2","key":"17_CR36","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/s10623-005-6344-y","volume":"38","author":"D.R. Stinson","year":"2006","unstructured":"Stinson, D.R.: Some observations on the theory of cryptographic hash functions. Des. Codes Cryptography\u00a038(2), 259\u2013277 (2006)","journal-title":"Des. Codes Cryptography"},{"key":"17_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11426639_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 19\u201335. Springer, Heidelberg (2005)"},{"key":"17_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/11535218_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 17\u201336. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology - ASIACRYPT 2008"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-89255-7_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,15]],"date-time":"2019-05-15T21:50:09Z","timestamp":1557957009000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-89255-7_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008]]},"ISBN":["9783540892540","9783540892557"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-89255-7_17","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2008]]}}}