Abstract: Symmetric cryptography allows the protection of the confidentiality and integrity of messages between parties sharing a secret key. This protection is realized using cryptographic functions: encryption schemes, message authentication codes or their combination, authenticated encryption schemes. In the last decade we have come to realize that all of these can be built from two simple building blocks that are each other’s dual: stream ciphers and keyed hash functions. A stream cipher expands a short secret to an arbitrary-length keystream and is considered secure if an adversary who does not know the secret is unable to distinguish the keystream from a random bitstream. A keyed hash function compresses a key and an arbitrary-length message into a short digest and is considered secure if an adversary who does not know the key is unable to generate collisions in a particular setting.
In this talk we will discuss the security of keyed hash constructions. After explaining the setting and showing generic security reductions valid for any instance, we introduce two basic constructions for such functions: one serial and one parallel, both making use of a fixed-length unkeyed block function. We show how the security of these constructions in our setting is fully determined by the propagation properties of the block function and give some examples of block functions that are suitable for efficient high-security keyed hashing.
The slide is available here