
I have a few questions regarding functions:

  1. Is there a way universal hash functions can be used to provide unconditional authentication in the way the OTP provides unconditional security?
  2. Assuming a TRNG is used, how could this be combined to form a perfect cryptosystem, assuming PSKs are secured?
  3. Is there unconditional non-repudiation (acceptance by a third party) to go along with this?
  4. And lastly, why are these hash functions not used as a SHA-#?
dylan7

1 Answer

  1. Sure. The simplest way is to OTP-encrypt the output of an almost xor-universal hash family.

  2. That could be used for encrypt-then-MAC, where the MAC is applied to an ordered pair that indicates [the message number or how far into the pad to start] and the OTP ciphertext. (Presumably, the pairing function would be $\langle x, y \rangle \mapsto \text{prefixfree}(x) \,\|\, y$.)

  3. Yes.

  4. The tightest way I'm aware of to get provable universality while still hopefully being second-preimage resistant is the trivial construction that just concatenates an output from a universal hash family with the output from a standard cryptographic hash function.
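
The construction sketched in points 1 and 2 of the answer above, as an added example that is not part of the original answer: a polynomial hash over GF(2^128) stands in for the almost xor-universal family (an assumed choice), its output is masked with fresh pad bytes, and the MAC covers prefixfree(offset) || ciphertext. The names `poly_hash`, `tag_for`, `seal`, `unseal` and the fixed 8-byte offset encoding are assumptions of this sketch; the hash key `k` is treated as part of the pre-shared key.

```python
import hmac
import secrets

BLOCK = 16
R = (1 << 128) | 0x87  # x^128 + x^7 + x^2 + x + 1, irreducible over GF(2)

def gf_mul(a, b):
    """Multiply in GF(2^128): carry-less product reduced modulo R."""
    acc = 0
    while b:
        if b & 1:
            acc ^= a
        a <<= 1
        if a >> 128:
            a ^= R
        b >>= 1
    return acc

def poly_hash(k, data):
    """Evaluate data's block polynomial at k; xor-difference bound (blocks+1)/2^128."""
    padded = data + b"\0" * (-len(data) % BLOCK) + len(data).to_bytes(BLOCK, "big")
    h = 0
    for i in range(0, len(padded), BLOCK):
        h = gf_mul(h ^ int.from_bytes(padded[i:i + BLOCK], "big"), k)
    return h

def tag_for(k, pad, offset, ct):
    # <x, y> -> prefixfree(x) || y, using a fixed-width 8-byte offset as prefixfree(x)
    mask = int.from_bytes(pad[offset:offset + BLOCK], "big")  # pad bytes, used once
    return (poly_hash(k, offset.to_bytes(8, "big") + ct) ^ mask).to_bytes(BLOCK, "big")

def seal(k, pad, offset, msg):
    """OTP-encrypt msg, then MAC (offset, ciphertext); uses BLOCK + len(msg) pad bytes."""
    if offset < 0 or offset + BLOCK + len(msg) > len(pad):
        raise ValueError("pad exhausted")
    stream = pad[offset + BLOCK:offset + BLOCK + len(msg)]
    ct = bytes(m ^ p for m, p in zip(msg, stream))
    return offset, ct, tag_for(k, pad, offset, ct)

def unseal(k, pad, offset, ct, tag):
    """Return the plaintext, or None if the offset is out of range or the tag fails."""
    if offset < 0 or offset + BLOCK + len(ct) > len(pad):
        return None
    if not hmac.compare_digest(tag_for(k, pad, offset, ct), tag):
        return None
    return bytes(c ^ p for c, p in zip(ct, pad[offset + BLOCK:]))

if __name__ == "__main__":
    # Constructed demo values: random key and pad standing in for TRNG output.
    k, pad = secrets.randbits(128), secrets.token_bytes(64)
    off, ct, tag = seal(k, pad, 0, b"attack at dawn")
    print(unseal(k, pad, off, ct, tag))
```

The receiver also has to record which pad offsets have been consumed and refuse any that overlap, because reusing mask or keystream bytes voids the unconditional guarantee.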