NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

CRYPTOGRAPHIC HASH WORKSHOP

October 31-November 1, 2005

Original Call for Papers

Workshop Report

Program

NIST Gaithersburg, MD

Monday, October 31, 2005

8:15 AM - Bus departs Gaithersburg Holiday Inn for NIST

8:30 AM - 9:00 AM - Registration — Continental Breakfast

9:00 AM - 9:15 AM
Opening Remarks

Shashi Phoha, Director, Information Technology Laboratory, NIST
William Burr, Manager, Security Technology Group, Computer Security Division, NIST

9:15 AM - 9:45 AM
Keynote Speech: Cryptanalysis of SHA-1 Hash Function
(ppt only)
Xiaoyun Wang, Tsinghua University

9:45 AM - 11:55 AM Session 1: Papers - Hash Collisions: Impacts and Workarounds
Session Chair: Russ Housley, Vigil Security, LLC

9:45 AM - 10:05 AM
Deploying a New Hash Algorithm

Steven M. Bellovin, Columbia University
Eric K. Rescorla, Network Resonance

10:05 AM - 10:25 AM
A Note on Practical Value of Single Hash Collisions for Special File Formats

Max Gebhardt, Georg Illies, Werner Schindler, Bundesamt für Sicherheit in der Informationstechnik

10:25 AM - 10:55 AM - Break — Refreshments

10:55 AM - 11:15 AM
Strengthening Digital Signatures via Randomized Hashing

Shai Halevi, Hugo Krawczyk, IBM T.J. Watson Research Center

11:15 AM - 11:35 AM
Herding Hash Functions and the Nostradamus Attack

John Kelsey, NIST
Tadoyoshi Kohno, University of California, San Diego

11:35 AM - 11:55 M
Collision-Resistent Usage of MD5 and SHA-1 via Message Preprocessing

Michael Szydlo, RSA Laboratories
Yiqun Lisa Yin, Independent Security Consultant

11:55 AM - 12:45 PM Session 2: Panel / Open Discussion - SHA-1: Practical Security Implications of Continued Use
Session Chair: Donna F. Dodson, NIST
Panelists:
Steven Bellovin, Columbia University
Niels Ferguson, Microsoft
Georg Illies, Bundesamt für Sicherheit in der Informationstechnik
Hugo Krawczyk, IBM T.J. Watson Research Center
James Randall, RSA Security

1:00 PM - 2:00 PM — Lunch

2:00 PM - 3:20 PM Session 3: Papers - Status of SHA Family Hash Functions
Session Chair: Phillip Hawkes, Qualcomm International (Australia)

2:00 PM - 2:20 PM
Impact of Rotations in SHA-1 and Related Hash Functions

Norbert Pramstaller, Christian Rechberger, Vincent Rijmen, IAIK, TU-Graz

2:20 PM - 2:40 PM
Preliminary Analysis of the SHA-256 Message Expansion

Norbert Pramstaller, Christian Rechberger, Vincent Rijmen, IAIK, TU-Graz

2:40 PM - 3:00 PM
Some Applications of the Biham-Chen Attack to SHA-like Hash Functions

Hirotaka Yoshida, Hitachi, Ltd.
Alex Biryukov, Bart Preneel, Katholieke Universiteit Leuven

3:00 PM - 3:20 PM
Truncation Mode for SHA

John Kelsey, NIST

3:20 PM - 3:50 PM - Break — Refreshments

3:50 PM - 4:10 PM New Attacks?
John Kelsey, NIST

4:10 PM - 5:10 PM Session 4: Panel / Open Discussion - SHA-256: A Suitable Replacement for SHA-1?
Session Chair: John M. Kelsey, NIST
Panelists:
Orr Dunkelman, Technion
Antoine Joux, DGA & UVSQ
Christian Rechberger, IAIK, TU-Graz
Hirotaka Yoshida, Hitachi, Ltd.

Bus departs for Holiday Inn following conclusion of meeting.

5:30 PM - Reception — Holiday Inn

Tuesday, November 1, 2005

8:15 AM - Bus departs Gaithersburg Holiday Inn for NIST

8:30 AM - 9:00 AM - Registration — Continental Breakfast

9:00 AM - 9:30 AM
Keynote Speech: Design Principles for Hash Functions Revisited
Bart Preneel, Katholieke Universiteit Leuven

9:30 AM - 10:30 AM Session 5: Papers - Damgård Merkle Construction and Alternatives
Session Chair: Susan Landau, Sun Microsystems

9:30 AM - 9:50 AM
A New Design Criteria for Hash-Functions

Jean-Sebastien Coron, University of Luxembourg
Yevgeniy Dodis, New York University
Cecile Malinaud, Gemplus Card International
Prashant Puniya, New York University

9:50 AM - 10:10 AM
Abelian Square-free Dithering and Recoding for Iterated Hash Functions

Ronald L. Rivest, Massachusetts Institute of Technology (presented by John Kelsey, NIST)

10:10 AM - 10:30 AM
Enhancing the MD-Strengthening and Designing Scalable Families of One-Way Hash Algorithms

Neil Kauer, Tony Suarez, Corporate Information Security, Wachovia Bank, NC
Yulian Zheng, University of North Carolina at Charlotte

10:30 AM - 11:00 AM - Break — Refreshments

11:00 AM - 11:40 AM Session 6: Papers - Compression Function Design
Session Chair: Arjen Lenstra, Lucent Technologies' Bell Laboratories

11:00 AM - 11:20 AM
A Fix of the MD4 Family of Hash Functions - Quasigroup Fold

Danilo Gligoroski, Smile Markovski, University of Skopje
Svein J. Knapskog, Norwegian University of Science and Technology

11:20 AM - 11:40 AM
A Simple and Provable Good Code for SHA Message Expansion

Charanjit S. Jutla, IBM T.J. Watson Research Center
Anindya C. Patthak, University of Texas at Austin

11:40 AM - 12:45 PM: Session 7: Panel Discussion - Desiderata: Research Agenda for Future Hash Functions
Session Chair: Lily Chen, NIST
Panelists:
Don B. Johnson, Entrust CygnaCom
John M. Kelsey, NIST
Arjen K. Lenstra, Lucent Technologies' Bell Laboratories
Bart Preneel, Katholieke Universiteit Leuven
Thomas Shrimpton, Portland State University

1:00 PM - 2:00 PM — Lunch

2:00 PM - 3:00 PM Session 8: Papers - New Hash Algorithms
Session Chair: Miles Smid, Orion Security Solutions

2:00 PM - 2:20 PM
A New Dedicated 256-bit Hash Function: FORK-256

Deukjo Hong, Korea University
Jaechul Sung, University of Seoul
Seokhie Hong, Korea University
Sangjin Lee, Korea University
Dukjae Moon, National Security Research Institute, Korea

2:20 PM - 2:40 PM
A New 256-bit Hash Function DHA-256 - Enhancing the Security of SHA-256

Jesang Lee, Donghoon Chang, Hyun Kim, Eunjin Lee, Deukjo Hong, Korea University
Jaechul Sung, University of Seoul
Seokhie Hong, Sangjin Lee, Korea University

2:40 PM - 3:00 PM
VSH, an Efficient and Provable Collision Resistant Hash Function

Scott Contini, Macquarie University, Sydney
Arjen Lenstra, Lucent Technologies' Bell Laboratories
Ron Steinfeld, Macquarie University, Sydney

 3:00 PM - 3:30 PM - Break — Refreshments

3:30 PM - 3:45 PM Rump Session
Cryptographic Hash Functions from Expander Graphs

Denis Charles, Microsoft Research
Eyal Goren, McGill University
Kristin Lauter, Microsoft Research
Presented by: Josh Benaloh, Microsoft Research

Improving Hash Function Padding
Don B. Johnson, Entrust CygnaCom


3:45 PM - 5:00 PM Session 9: Open Discussion - Future Strategy: Where Should We Go From Here?
Session Chair: William Burr, NIST

5:00 PM Adjourn


Additional Accepted Papers:

Hash Function Lifecycles and Future Resiliency, Don B. Johnson, Entrust CygnaCom

Hash Functions and Pseudorandomness, Don B. Johnson, Entrust CygnaCom