MODIFICATION OF LUBOTZKY–PHILLIPS–SARNAK HASH FUNCTION SUSILA WINDARTA, PETER JOHN, KIKI ARIYANTI SUGENG ⇤ Abstract. Data security is important aspect in information security. Cryptographic hash function can be used to obtain data integrity. Collision resistant is one of important properties of a hash function. Hash function f is called to satisfied the collision resistant if given a hash value f (m) then it will difficult to find other value m 0 from domain of f which has a hash value f (m 0 ), where f (m 0 )= f (m) and m 6= m 0 . In 2008, Tillich-Zemor proved that the hash function of LPS expander graph constructed by Charles–Goren–Lauter does not satisfies collision resistant. To avoid that, as Tilich and Zemor suggestion, the improvement done by transforming the generator set Sp of hash function to be generator setS 2 p . This paper gives mathematically verification that the Tillich–Zemor Theorem cannot be applied in the transformation of the hash function constructed by generator set S 2 p . Moreover, the implementation of the modification of hash function and also its properties are also given. Key words. hash function, expander graph, LPS hash, collision resistant Abstrak. Kerahasiaan data merupakan aspek penting dalam kerahasiaan informasi. Fungsi hash kriptografi dapat digunakan untuk integritas data. Ketahanan tumbukan merupakan salah satu sifat penting dari suatu fungsi hash. Suatu fungsi hash f disebut memenuhi sifat ketahan tumbukan jika diberikan suatu nilai hash f (m) maka akan sulit untuk mencari nilai m 0 dari domain f yang mempunyai nilai hash f (m 0 ), dimana f (m 0 )= f (m) dan m 6= m 0 . Di tahun 2008, Tillich–Zemor membuktikan bahwa fungsi hash dari graf ekspander LPS yang dikonstruksi oleh Charles–Goren–Lauter tidak memenuhi sifat ketahanan tumbukan. Untuk mengatasi kekurangan sifat ini maka dilakukan perbaikan, seperti yang disarankan Tillich dan Zemor, dengan melakukan transformasi himpunan generator Sp dari fungsi hash menjadi himpunan generator S 2 p . Pada makalah ini diberikan verifikasi matematis bahwa teorema Tillich–Zemor tidak dapat digunakan untuk himpunan generator S 2 p . Lebih lanjut, implementasi dari modifikasi serta sifat-sifat setelah modifikasi juga diberikan. Kata kunci. fungsi hash, graf ekspander, hash LPS, ketahanan tumbukan 1. Introduction. The development of science and technology, particularly information and com- munications technology brings major changes to human lifestyles. But the ease of use of the technology was not accompanied with sufficient security minded. This resulted in threats to the security of data and information is huge. A tool that can be used to secure data and information is cryptography. Menezes et.al in [5] states that cryptography is the study of mathematical techniques related to aspects of informa- tion security such as confidentiality, data integrity, entity authentication, and data origin authentication. Data integrity can be obtained by using cryptographic hash functions. Hash function is a function H which has the following properties. The function maps arbitrary length bit to finite length bit output. Output value, called hash value or message digest, should be easy to compute. In general, hash function is classified in two classes, i.e modification detection codes (MDC) and message authentication codes (MAC). They are distinguished by the presence of cryptographic key. MDC is unkeyed hash function, whereas MAC is keyed hash function. There are many hash function constructions have been proposed. First construction was proposed by Ralph Merkle and Ivan Damg˚ ard separately [5]. This construction was widely used as a basis of the current hash function commonly used, such as Merkle Damg˚ ard (MD) hash function family, and the family of Secure Hash Algorithm (SHA). Wang et al. [8] managed to find collision in the SHA family. This attack makes the applications that use the SHA family is vulnerable to attack. Therefore, there are many new hash function constructions were proposed. One of them is a hash function construction based on expander graphs. This construction was proposed by Charles et al. [1]. Expander graph that is used are family of Ramanujan, which is called Lubotzky, Phillips and Sarnak (LPS) expander graph and Pizer expander graph. Unfortunately, attacks of hash function based on LPS expander graph already found, which are done by Tillich and Zemor [7] and Petit et al. [6]. We organized the paper as follows. In Section 2 we describe LPS hash function. In Section 3 we discuss on Tillich–Zemor attack on hash function based on LPS expander graph. Section 4 presents modification on LPS hash function and its properties. In Section 5 we give an example of the attack on modified LPS hash function. 2. LPS hash function. LPS hash function was proposed by Charles et.al [1] based on expander graph Lubotzky Phillips Sarnak [2, 3]. LPS expander graph X `,p is a Cayley graph, a graph that encode ⇤ Department of Mathematics Faculty of Mathematics and Natural Sciences, University of Indonesia (windarta@alumni.ui.ac.id, {peter.john, kiki}@sci.ui.ac.id) This research was funded by “Hibah Pasca Sarjana Universitas Indonesia” 2009 IndoMS Journal on Industrial and Applied Mathematics Volume. 1, Issue. 1 (2014), pp. 9-16 9