Secure design and instantiation of trapdoor-less truncated hash functions

Abstract

In this work, we throw light on gaps between theoretical construction of cryptographic primitives and their practical instantiation. It is assumed that cryptographic primitives will not have any trapdoors in the given design. It is also assumed that security of a cryptographic construction should remain the same in practice as proven in theory. We show how a designer can act as adversary if he doesn't follow some basic paradigms while designing. To ensure that the basic assumptions, made while providing security proof of cryptographic construction, remain true and doubt free, we show that order of de ning the underlying primitives of security protocols are important. We use Hash-then-Truncate(HtT) construction as an example. While discussing security of HtT construction we show that order of de ning hash and truncation function is important. We also show that by providing choices of hash functions from a hash family to a user, we can securely instantiate the HtT construction. In this way, we can bridge the gap between design and practice.