Universal hash function

From CRYPTUTOR

Jump to: navigation, search

A universal hash function (UHF) is a hash function which achieves a very primitive notion of collision-resistance. Universal hash functions are also known as pairwise-independent hash functions.

[edit]

Definition

Let m and h be polynomials, and let \mathcal{H}_n = \{ H_k \}_{k \in \{0,1\}^n} be a collection of functions from m(n) bits to h(n) bits, indexed by seeds k. We say that \mathcal{H}_n is a universal hash function if it has the following properties:

  • Efficiency: Hk(m) can be computed in polynomial time in the security parameter n.
  • Compression: h(n) < m(n) for all n.
  • 2-universality: For all x \ne y \in \{0,1\}^{m(n)} and all a,b \in \{0,1\}^{h(n)}:
\Pr_{k \gets \{0,1\}^n} [ H_k(x) = a \land H_k(y) = b ] = 1/2^{2h(n)}

In other words, x and y are mapped uniformly and independently across the range of \mathcal{H}_n, when the seed k is chosen at random.

[edit]

Existence

The definition of UHFs is purely combinatorial -- there are no computational restrictions. Thus, many unconditional constructions of UHFs are known.

Retrieved from "http://crypto.cs.uiuc.edu/wiki/index.php/Universal_hash_function"