On the cryptography of digest functions in manual authentication protocols.

Long Nguyen ( OUCL )

Manual authentication protocols seek to authenticate data from existing human trust and interactions, and thus eliminate the needs for shared secrets, passwords, and PKI. Many of these protocols use a digest function to digest the data into a short value of 4-5 digits so that humans can manually compare it. In this talk, we will first describe the properties of digest functions required in these protocols. For example, it needs to have a very short output and no key is used to digest more than one message. These characteristics are in contrast to message authentication codes and ciphers, whose outputs are always longer and they all reuse a single private key for a period of time. Since the short output potentially leads to efficient computation, we propose a new digest construction based on word multiplications which possesses strong and provable security properties.