Joan Daemen
Professor
Radboud University, The Netherland
Title: On the security of keyed hash constructions
Abstract:
Symmetric cryptography allows the protection of the confidentiality and integrity of messages between parties sharing a secret key. This protection is realized using cryptographic functions: encryption schemes, message authentication codes or their combination, authenticated encryption schemes. In the last decade we have come to realize that all of these can be built from two simple building blocks that are each other’s dual: stream ciphers and keyed hash functions. A stream cipher expands a short secret to an arbitrary-length keystream and is considered secure if an adversary who does not know the secret is unable to distinguish the keystream from a random bitstream. A keyed hash function compresses a key and an arbitrary-length message into a short digest and is considered secure if an adversary who does not know the key is unable to generate collisions in a particular setting.
In this talk we will discuss the security of keyed hash constructions. After explaining the setting and showing generic security reductions valid for any instance, we introduce two basic constructions for such functions: one serial and one parallel, both making use of a fixed-length unkeyed block function. We show how the security of these constructions in our setting is fully determined by the propagation properties of the block function and give some examples of block functions that are suitable for efficient high-security keyed hashing.
Bio:
After graduating in electromechanical engineering Joan Daemen was awarded his PhD in symmetric cryptography in 1995 from KU Leuven. After his contract ended at COSIC, he privately continued his crypto research and contacted Vincent Rijmen to continue their collaboration that would lead to the Rijndael block cipher, and this was selected by NIST as the new Advanced Encryption Standard in 2000. After over 20 years of security industry experience, including work as a security architect and cryptographer for STMicroelectronics, he is now a professor in the Digital Security Group at Radboud University Nijmegen. He co-designed the Keccak cryptographic hash function that was selected as the SHA-3 hash standard by NIST in 2012 and is one of the founders of the permutation-based cryptography movement and co-inventor of the sponge, duplex and farfalle constructions. In 2017 he won the Levchin Prize for Real World Cryptography “for the development of AES and SHA3”. In 2018 he was awarded an ERC advanced grant for research on the foundations of security in symmetric cryptography called ESCADA and an NWO TOP grant for the design of symmetric crypto in the presence of efficient multipliers called SCALAR.