單向雜湊函數的設計和應用

Abstract

一個好的雜粹函數可在密碼方向提供很多的應用。在本篇論文中，首先我們偍出一些新的雜粹函數，之後應用雜湊函數的觀念，來探討在網路上玩牌的問題。 首先我們針對RIPEMD-160來設計出一個可輸出1285，192，256三種位元長度的雜湊函數，我們稱之為RIPEMD-X。由於分析和計算能力的不斷擴增，我們提出了一個加強型的RIPEMD-X叫做keyed/unkeyed RIPEMD-X，它比原先的RIPEMD-128和 RIPEMD-256更安全且更有彈性，我們研究所用的方法是使用一個存放參數的表格PHT，將PHT中的參數取出當RIPEMD-X的初始值，而存取PHT參數的方法是用資料結構中的雜湊技巧。因此經由不重複且任意排列的方式存取PHT中的參數，可增進RIPEMD-X的安全性。 之後，一些有名的塊狀加密演算法，如DES被用來產生新的雜湊函數。而AES被用來當作是下20、30年間加密的標準，它強調安全性、簡單性與執行效率。由於RC6曾入圍AES選拔的前5名之一，且作者宣稱RC6的回合金鑰(round key)是由輸入金鑰字(input key word)以單向的方式產生，因此我們出一個以RC6加密演算法為基礎的雜湊演算法叫RC雜湊函數，RC雜湊函數的強度也就大部分依賴於RC6加密演算法，我們所提出的RC雜湊函數可建立128位元輸出，同時，我們也建立了可輸出192及256位元的RC雜湊函數，此外，我們亦提出了一個新的雜湊函數建立在AES(Rajndael)上。 最後，我們探討雜湊函數在網路玩牌上的應用，我們知道對於這方面很多的密碼學家，提出了他們的解決方法，他們的方法不是太過複雜，計算過於費時，且不易懂，就是用排列的方式，而排列的方式是有很多毛病的，換句話說，還沒有一個很好的方法既適合多人玩，且快速易懂又完美。為了改進現有的技巧，我是提出2個方法，一是雜湊函數為基礎的方法，因為我們知道雜湊值具有協定值的特性，即提出後無法改變其值，且雜湊函數具有運算快速的特性，另一個是位元協定的方法，這兩種方法都配合RSA密碼方法使用，它不但觀念簡單而且免去了其它方法為模擬協定值(如一張牌的背面)而設計的繁雜且耗時的方法。

A tight hash function can be a strong support for many cryptographic applications. In this dissertation, we intend to propose some new hash functions. After that, we use the concept of hash function for the application of mental poker game. Firstly, we propose an adaption from RIPEMD-160 to RIPEMD-128, 192, 256 (RIPEMD-X) for providing an alternative length for some applications, such as the input key length of AES. Furthermore, due to the progress in cryptanalysis and computing capability, we propose a strengthened keyed/unkeyed RIPEMD-X with changeable parameters, a more safety and flexible one-way function. Our research method is using hash table to substitute RIPEMD-X initial parameters flexibly. Therefore, we can use parameters flexibly and collision free, as a result, it increases security by permuting parameters. Secondly, certain famous block cipher algorithms, such as DES, are chosen to modify as new hash algorithms. Due to the fact that RC6 had ever been the most hopeful candidate encryption algorithm of AES which emphasizes on the security, simplicity and performance of the algorithm and will be the standard for the next two or more decades, and that the round keys of RC6 are generated from the input key words by a certain amount of “one way” claimed by the authors, we describe a hash function named RC hash function based on the use of underlying RC6 encryption algorithm. It is thus natural that the strength of our proposed scheme relies to a large extent on the RC6 encryption algorithm. The RC hash function in our study can generate 128-bit output. Furthermore, we also give the variant of RC hash function that can output 192 and 256 bits, respectively. Besides, we also propose a new hash function based on Rijndael block cipher which is selected as AES algorithm. Finally, many specialists in cryptography have attempted to propose protocols for mental poker so far, most of the methods proposed are based on the composition of each player’s private permutation of cards or on the complex cryptosystem that is already existed or developed by the proposer. Yet, each one is either too complicated or has some drawbacks in it. In other words, no solution has come to reality. To improve the schemes proposed so far, we construct a hash-based method, i.e. using a hash code as a commitment value and a bit commitment scheme, both are used along with the RSA cryptosystem to implement the mental poker game. It is not only simple but also concise in concept.