#### Filter Results:

- Full text PDF available (44)

#### Publication Year

2001

2017

- This year (3)
- Last 5 years (22)
- Last 10 years (38)

#### Publication Type

#### Co-author

#### Journals and Conferences

#### Key Phrases

Learn More

- Martijn Stam
- CRYPTO
- 2008

Suppose we are given a perfect n+c-to-n bit compression function f and we want to construct a larger m+s-to-s bit compression function H instead. What level of security, in particular collision resistance, can we expect from H if it makes r calls to f? We conjecture that typically collisions can be found in 2(nr+cr−m)/(r+1) queries. This bound is also… (More)

- Martijn Stam
- IACR Cryptology ePrint Archive
- 2008

We revisit the rate-1 blockcipher based hash functions as first studied by Preneel, Govaerts and Vandewalle (Crypto’93) and later extensively analysed by Black, Rogaway and Shrimpton (Crypto’02). We analyse a further generalization where any preand postprocessing is considered. This leads to a clearer understanding of the current classification of rate-1… (More)

- Thomas Shrimpton, Martijn Stam
- IACR Cryptology ePrint Archive
- 2007

We consider how to build an efficient compression function from a small number of random, noncompressing primitives. Our main goal is to achieve a level of collision resistance as close as possible to the optimal birthday bound. We present a 2n-to-n bit compression function based on three independent n-to-n bit random functions, each called only once. We… (More)

- Dennis Hofheinz, John Malone-Lee, Martijn Stam
- Journal of Cryptology
- 2006

Loosely speaking, an obfuscation O of a function f should satisfy two requirements: firstly, using O, it should be possible to evaluate f; secondly, O should not reveal anything about f that cannot be learnt from oracle access to f alone. Several definitions for obfuscation exist. However, most of them are very hard to satisfy, even when focusing on… (More)

- Martijn Stam, Arjen K. Lenstra
- ASIACRYPT
- 2001

This paper describes several speedups and simplifications for XTR. The most important results are new XTR double and single exponentiation methods where the latter requires a cheap precomputation. Both methods are on average more than 60% faster than the old methods, thus more than doubling the speed of the already fast XTR signature applications. An… (More)

- Jooyoung Lee, Martijn Stam
- Des. Codes Cryptography
- 2011

In this paper, we introduce a new class of double-block-length hash functions. Using the ideal cipher model, we prove that these hash functions, dubbed MJH, are asymptotically collision resistant up to O(2n(1− ) query complexity for any > 0 in the iteration, where n is the block size of the underlying blockcipher. When based on n-bit key blockciphers, our… (More)

- Robert Granger, Dan Page, Martijn Stam
- IACR Cryptology ePrint Archive
- 2004

- Jooyoung Lee, Martijn Stam, John P. Steinberger
- IACR Cryptology ePrint Archive
- 2011

We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three “classical” double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose’s scheme. For Hirose’s… (More)

- Martijn Stam, Arjen K. Lenstra
- CHES
- 2002

This paper describes several speedups for computation in the order p + 1 subgroup of Fp2 and the order p 2 − p + 1 subgroup of Fp6 . These results are in a way complementary to LUC and XTR, where computations in these groups are sped up using trace maps. As a side result, we present an efficient method for XTR with p ≡ 3 mod 4.

- Robert Granger, Dan Page, Martijn Stam
- IEEE Trans. Computers
- 2004

Although identity based cryptography o ers a number of functional advantages over conventional public key methods, the computational costs are signi cantly greater. The dominant part of this cost is the Tate pairing which, in characteristic three, is best computed using the algorithm of Duursma and Lee. However, in hardware and constrained environments this… (More)