NIST, Computer Security Division, Computer Security Resource Center
SECOND CRYPTOGRAPHIC HASH WORKSHOP
August 24-25, 2006
Corwin Pavilion, UCSB Santa Barbara, CA
Thursday, August 24, 2006
1:00 PM - 5:00 PM - Registration (Corwin Pavilion Lobby)
2:00 PM - 2:10 PM
Opening Remarks
William Burr, National Institute of Standards and Technology
2:10 PM - 3:15 PM Session 1: Papers - New Structures of Hash Functions
Session Chair: Lily Chen, National Institute of Standards and Technology
2:15 PM - 2:35 PM
A Framework for Iterative Hash Functions --- HAIFA [paper] [presentation (.pdf)]
Orr Dunkelman, Technion - Israel Institute of Technology
Eli Biham, Technion - Israel Institute of Technology
2:35 PM - 2:55 PM
How to Construct Double-Block-Length Hash Functions [paper] [presentation (.pdf)]
Shoichi Hirose, The University of Fukui
2:55 PM - 3:15 PM
Multi-Property-Preserving Hash Domain Extension: The EMD Transform [paper] [presentation (.pdf)]
Mihir Bellare and Thomas Ristenpart, University of California, San Diego
3:15 PM - 3:45 PM — Break - Refreshments
3:45 PM - 4:20 PM Session 2: Papers - Hash Functions in Practice
Session Chair: Donna Dodson, National Institute of Standards and Technology
3:50 PM - 4:10 PM
Classification of Hash Functions Suitable for Real-life Systems [paper] [presentation (.pdf)]
Yasumasa Hirai, NTT DATA Corporation
Takashi Kurokawa, National Institute of Information and Communications Technology
Shin'ichiro Matsuo, NTT DATA Corporation
Hidema Tanaka, Akihiro Yamamura, National Institute of Information and Communications Technology
4:10 PM - 4:20 PM
Update on Randomized Hashing [presentation (.pdf)]
Shai Halevi and Hugo Krawczyk, IBM T.J. Research Center
4:20 PM - 5:20 PM Session 3: Panel / Open Discussion - SHA-256 Today and Maybe Something Else in a Few Years: Effects on Research and Design [paper] [presentation (.pdf)] [The Chair's Summary]
Session Chairs: Paul Hoffman, VPN Consortium
Arjen Lenstra, Ecole Polytechnique Fédérale de Lausanne IC LACAL
Panelists:
Ron Rivest, Massachusetts Institute of Technology
Adi Shamir, Weizmann Institute of Science
Bart Preneel, Katholieke Universiteit Leuven
Antoine Joux, Délégation Générale pour l'Armement & University of Versailles, Saint-Quentin-en-Yvelines
Niels Ferguson, Microsoft
5:20 PM - 5:35 PM - Q & A and Open Discussion
5:45 PM - 7:30 PM Dinner - for attendees staying in the dorm
De La Guerra Commons
(Off-site attendees can purchase meals with a credit card)
5:35 PM - Adjoun
8:00 PM - Appetizer / Cash Bar Reception
The Faculty Club
(All Cryptographic Hash Workshop Attendees)
Friday, August 25, 2006
8:30 AM - 12:00 PM - Registration (Corwin Pavilion Lobby)
9:00 AM - 9:40 AM
Keynote Speech: "Message Modification, Neutral Bits and Boomerangs: From Which Round Should we Start Counting in SHA?" [presentation (.pdf)]
Antoine Joux, Délégation Générale pour l'Armement & University of Versailles, Saint-Quentin-en-Yvelines
9:40 AM - 10:25 AM Session 4: Papers - New Designs of Hash Functions
Session Chair: William Burr, National Institute of Standards and Technology
9:45 AM - 10:05 AM
RadioGatun, a Belt-and-Mill Hash Function [paper] [presentation (.pdf)]
Guido Bertoni, Joan Daemen, STMicroelectronics
Michaël Peeters, De Valck Consultants
Gilles Van Assche, STMicroelectronics
10:05 AM - 10:25 AM
LASH [paper] [presentation (.pdf)]
Kamel Bentahar, University of Bristol
Dan Page, University of Bristol
Markku-Juhani O. Saarinen, Royal Holloway, University of London
Joseph H. Silverman, NTRU Cryptosystems Inc
Nigel Smart, University of Bristol
10:25 AM - 10:35 AM - Q & A and Open Discussion
10:35 AM - 11:05 AM - Break — Refreshments
11:05 AM - 12:15 PM: Session 5: Papers / Panel - Cryptanalysis and Attack Tools
Session Chair: John Kelsey, National Institute of Standards and Technology
11:05 AM - 11:15 AM
Background / Overview of Cryptanalysis and Attack Tools
11:15 AM - 11:25 AM
Finding SHA-1 Characteristics [paper] [presentation (.pdf)]
Christophe De Cannière and Christian Rechberger, Graz University of Technology
11:25 AM - 11:35 AM
Automated Search for Round 1 Differentials for SHA-1: Work in Progress [paper] [presentation (.pdf)]
Philip Hawkes, Qualcomm Australia
Michael Paddon, Qualcomm Australia
Gregory Rose, Qualcomm Incorporated
11:35 AM - 11:45 AM
Precise Probabilities for Hash Collision Paths [paper] [presentation (.pdf)]
Werner Schindler, Federal Office for Information Security, Germany
Max Gebhardt, Georg Illies, Federal Office for Information Security, Germany
11:45 AM - 11:55 AM
Gröbner Basis Based Cryptanalysis of SHA-1 [paper] [presentation (.pdf)]
Makoto Sugita, Cryptography Research and Evaluation Group IT Security Center
Mitsuru Kawazoe, Osaka Prefecture University
Hideki Imai, Chuo University
11:55 AM - 12:15 PM
Panel / Discussion
12:15 PM - 1:45 PM — Lunch
De La Guerra Commons
1:45 PM - 2:50 PM Session 6: Papers - More New Designs of Hash Functions
Session Chair: Rene Peralta, National Institute of Standards and Technology
1:50 PM - 2:10 PM
Edon-R Family of Cryptographic Hash Functions [paper] [presentation (.pdf)]
Danilo Gligoroski, Norwegian University of Science and Technology
Smile Markovski, Institute of Informatics
Ljupco Kocarev, University of California, San Diego
2:10 PM - 2:30 PM
Cryptographic Hash Functions from Expander Graphs [paper] [presentation (.pdf)]
Denis Charles, Microsoft Research
Eyal Goren, McGill University
Kristin Lauter, Microsoft Research
2:30 PM - 2:50 PM
Provably Secure FFT Hashing [paper] [presentation (.pdf)]
Vadim Lyubashevsky, University of California, San Diego
Daniele Micciancio, University of California, San Diego
Chris Peikert, Massachusetts Institute of Technology
Alon Rosen, Harvard University
2:50 PM - 3:20 PM - Break — Refreshments
3:20 PM - 5:00 PM Session 7: The Way Forward
Session Chair: William Burr, National Institute of Standards and Technology
3:25 PM - 3:35 PM New Results
Forgery and Partial Key Recovery Attacks on HMAC and NMAC using Hash Collisions [presentation (.pdf)]
Scott Contini, Macquarie University
Lisa Yin, Independent Security Consultant
3:35 PM - 3:55 PM
Development Timeline of the New Hash Function Standard [presentation (.pdf)]
Elaine Barker , National Institute of Standards and Technology
3:55 PM - 5:00 PM
Summary and Open Discussion [presentation (.pdf)]
William Burr, National Institute of Standards and Technology
5:00 PM Adjourn
UNACCEPTED PAPERS
With the author's permission, the following are some of the papers that were submitted, but not accepted at the Second Cryptographic Hash Workshop:
| PAPER TITLE | AUTHOR(s) |
| A Method for Pre-Processing Message Digest Output | Fortner, James - Fischer International Systems |
| Long-lived digital integrity using short-lived hash functions | Haber, Stuart - Hewlett-Packard Labs |
| Using Steganography to Improve Hash Functions’ Collision Resistance | Kellinis, Emmanouel - KPMG LLP |
| Caligo, An Extensible Block Cipher and CHash, A Caligo Based Hash | Machado, Alexis Warner - Telmig Celular S.A. |
| Multicollision Attacks on Some Generalized Sequential Hash | Nandi, Mridul and Stinson, D.R. - University of Waterloo |
| Using a secure SHA1 GPRS technology to provide mobile outpatient care in Jamaica | Thorpe, Sean; Foster, Michael; Harris, André; Nembhard, Stevon; Russell, Snovia; and Williams, Alrick - University Of Technology, Jamaica |
| A proposal of a criterion for collision resistance of hash functions | Watanabe , Dai and Yoshida, Hirotaka - Hitachi, Ltd. |
| A note on the security proof of Knudsen-Preneel construction of a hash function | Watanabe , Dai - Hitachi, Ltd. |