Cluster Comput DOI 10.1007/s10586-017-1062-6 On the use of chaotic iterations to design keyed hash function Zhuosheng Lin 1 · Christophe Guyeux 2 · Simin Yu 1 · Qianxue Wang 1 · Shuting Cai 1 Received: 2 May 2017 / Revised: 12 July 2017 / Accepted: 17 July 2017 © Springer Science+Business Media, LLC 2017 Abstract Due to the complex dynamical properties of chaos, designing chaos-based hash functions emerged as a new research direction to reinforce information security of data sent through the Internet. This paper aims at developing a novel methodology to construct keyed hash functions based on chaotic iterations, which can avoid dynamic degradation caused by finite precision. The chaotic iterations are used first in the design of strategies thanks to particular pseudo- random number generators. They are also used in hash value computation, by iterating on state-of-the-art hash functions. Security investigations related to sensitiveness, diffusion and confusion, and collision analysis validate the proposed sys- tematic methodology, showing that such post-processing on standard hash functions will preserve their security proper- ties. Keywords Chaotic iterations · Keyed hash function · Post-processing · Security investigations B Shuting Cai shutingcai@gdut.edu.cn Zhuosheng Lin zhuoshenglin@163.com Christophe Guyeux christophe.guyeux@univ-fcomte.fr Simin Yu siminyu@163.com Qianxue Wang wangqianxue@gdut.edu.cn 1 College of Automation, Guangdong University of Technology, Guangzhou, China 2 Femto-st Institute, UMR 6174 CNRS, University of Bourgogne Franche-Comté, Besançon, France 1 Introduction Hash functions compress large amounts of data into a small message digest, which plays an important role for Internet security, managing code repositories, or even just detect- ing duplicated files in a given storage. The first famous hash function was the so-called MD4 (Message Digest 4), designed by Rivest, which is based on Merkle-Damgard iterative structure [26]. After that, various hash functions with an improved but similar design have been proposed. Recently the National Institute of Standards and Technol- ogy (NIST) declared the Keccak sponge family as SHA-3 [24]. However, recent researches have shown that security flaws exist too in these widely used standard hash functions. Thus the National Computer Emergency Response Team issued an emergency statement to stop using MD5 in prac- tical applications and the Chrome team announced that it would phase out the use of SHA-1 in 2014. This year, Google achieved first-ever successful SHA-1 collision attack. There is no doubt that the search for new ways to design secure hash functions is of greatest importance and a never-ending race. Some relations can be emphasized between chaos proper- ties and some targeted aims in hash functions, as confusion, diffusion, and avalanche effects. Thus it may be a good idea to investigate the use of chaos to enrich the ways to design new hash functions. This is why a lot of research works on developing chaos-based hash schemes have been proposed. To the best of our knowledge, article [21] contains the first design of an hash function by using chaos, in which two different chaotic models are used. The number of iteration steps is proportional to the length of the original text, and the process is easy to be implemented in parallel. After this first attempt, various kinds of chaotic hash functions have been proposed in the literature [6, 9, 14, 15, 19, 27, 30, 31], using 123