Probability Distributions for Elliptic Curves in the CGL Hash Function
This work addresses security vulnerabilities in cryptographic hash functions for applications like data integrity and digital signatures, but it is incremental as it builds on existing analysis of elliptic curve-based hashing.
The paper tackled the problem of analyzing the probability distributions of hash values for the elliptic curve CGL hash function to assess security weaknesses, resulting in a theorem that completely describes all possible distributions and an evaluation showing its collision resistance is comparable to an ideal hash function.
Hash functions map data of arbitrary length to data of predetermined length. Good hash functions are hard to predict, making them useful in cryptography. We are interested in the elliptic curve CGL hash function, which maps a bitstring to an elliptic curve by traversing an input-determined path through an isogeny graph. The nodes of an isogeny graph are elliptic curves, and the edges are special maps betwixt elliptic curves called isogenies. Knowing which hash values are most likely informs us of potential security weaknesses in the hash function. We use stochastic matrices to compute the expected probability distributions of the hash values. We generalize our experimental data into a theorem that completely describes all possible probability distributions of the CGL hash function. We use this theorem to evaluate the collision resistance of the CGL hash function and compare this to the collision resistance of an "ideal" hash function.