Elena Andreeva
KU Leuven
Security of SHA-3: the provable security perspective
We will start this talk with introducing the main security properties of cryptographic hash functions, such as collision, second preimage and preimage resistance. We will explore in more detail the concrete security requirements specified by NIST (the American National Institute of Standards and Technology) in their call for a new SHA-3 hash algorithm in 2007. Next, we will discuss how the existing hash functions together with the SHA-3 finalists (BLAKE, Groestl, JH, Keccak and Skein) comply with NIST's security criteria from a provable perspective. To do so we will first explain the underlying principles and goals of provable security and then introduce the concrete designs with their security properties. We will conclude this talk with the analysis of the SHA-3 winner Keccak.