Abstract
A hash chain is a sequence of hash values x i = hash(x i − 1) for some initial secret value x 0. It allows to reveal the final value x n and to gradually disclose the pre-images x n − 1, x n − 2, ... whenever necessary. The correctness of a given value x i can then be verified by re-computing the chain and comparing the result to x n . Here we present a method to speed up the verification by outputting some extra information in addition to the chain’s end value x n . This information allows to relate the verifier’s workload to a variably chosen security bound. That is, on input a putative chain value the verifier determines a security level (i.e., security against adversaries with at most T steps and success probability ε) and performs only a fraction p=p(T,ε) of the original work by using the additional information. We also show lower bounds for the length of this extra information.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bellare, M., Kohno, T.: Hash Function Balance and its Impact on Birthday Attacks. Number 2003/65 in Cryptology eprint archive. eprint.iacr.org (2003)
Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: Proceedings of the Annual Conference on Computer and Communications Security (CCS), ACM Press, New York (1993)
Coppersmith, D., Jakobsson, M.: Almost Optimal Hash Sequence Traversal. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, Springer, Heidelberg (2003)
Dwork, C., Goldberg, A., Naor, M.: On Memory-Bound Funtions for Fighting t Spam. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 426–444. Springer, Heidelberg (2003)
Haller, N.: The S/KEY One-Time Password Scheme. Symposium on Network and Distributed Systems Security, pp. 151–157. Internet Society (1994)
Haller, N.: The S/KEY One-Time Password Scheme (1995)
Hu, Y.-C., Johnson, D., Perrig, A.: SEAD: Secure Efficient Distance Vector Routing in Mobile Wireless Ad Hoc Networks. In: Workshop on Mobile Computing Systems and Applications (WMCSA) 2002, IEEE Computer Society Press, Los Alamitos (2002)
Hu, Y.-C., Perrig, A., Johnson, D.: Efficient Security Mechanisms for Routing Protocols. In: Annual Symposium on Network and Distributed System Security (NDSS 2003), Internet Society (2003)
Hauser, R., Przygienda, A., Tsudik, G.: Reducing the Cost of Security in Link State Routing. In: Annual Symposium on Network and Distributed System Security (NDSS 1997). Internet Society (1997)
Hauser, R., Steiner, M., Waidner, M.: Micro-Payments Based on iKP. In: Proceedings of SECURICOM 1996, Worldwide Congress on Computer and Communications Security and Protection, pp. 67–82 (1996)
Jakobsson, M., Leighton, T., Micali, S., Szydlo, M.: Fractal Merkle Tree Representation and Traversal. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 314–326. Springer, Heidelberg (2003)
Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24(11), 770–772 (1981)
Merkle, R.: A Digital Signature Based on a Conventional Encryption Function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988)
Micali, S.: Efficient Certificate Revocation. Technical Report MIT/LCS/TM-542b, MIT Laboratory for Computer Science (1996)
Perrig, A., Canetti, R., Song, D., Tygar, D.: The TESLA Broadcast Authentication Protocol. In: CryptoBytes, vol. 5, pp. 2–13. RSA Security (2002)
Perrig, A.: The BiBa One-Time Signature and Broadcast Authentication Protocol. In: Proceedings of the Annual Conference on Computer and Communications Security (CCS), pp. 28–37. ACM Press, New York (2001)
Rivest, R., Shamir, A.: PayWord and MicroMint: Two Simple Micropayment Schemes. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 69–87. Springer, Heidelberg (1997)
Sella, Y.: On the Computation-Storage Trade-Offs of Hash Chain Traversals. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 270–285. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Fischlin, M. (2004). Fast Verification of Hash Chains. In: Okamoto, T. (eds) Topics in Cryptology – CT-RSA 2004. CT-RSA 2004. Lecture Notes in Computer Science, vol 2964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24660-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-540-24660-2_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20996-6
Online ISBN: 978-3-540-24660-2
eBook Packages: Springer Book Archive