0

Some standard compression procedures, like the IANA's gzip provided by HTTP protocol, will consume CPU-time anyway... So we can reuse compressed file, $Z(x)$, in the checksum procedure. That is, we can use $H(Z(x))$ instead $H(x)$.

Let $H$ be a collision resistant hash function and $P_c[H](S)$ the collision rate probability about a sample set $S$ of input elements (eg. random numbers). It decreases when using $Z(x)$?
$P_c[H\circ Z](S) \le P_c[H](S)$   ?

Intuitivally we can imagine some decrease in collision-rate because hashing a file is similar to an aleatory sampling procedure: if we reduce the redundance in the sample set, we reduce collision probability. HTML, XML, and many other file formats have a lot of redundancy.

If the intuition is correct, the questions is also about "how mutch better is it"?

NOTICE: I am using the strange term collision rate probability (with a link to this other question) to avoid confusion with the "general collision probability". Please take care to not mix the concepts in the answer.

Peter Krauss
  • 193
  • 1
  • 12
  • You can't avoid confusion by just asserting that two nonstandard terms are different. You'll need to define ‘collision rate probability’ and ‘general collision probability’ in precise mathematical terms if you want to draw a distinction between them. – Squeamish Ossifrage Apr 21 '18 at 16:24
  • Hi @SqueamishOssifrage, thanks the recommendations. Well, do you know some other good source of "well-know definitions"? I was looking for and not see at Wikipedia... Or, can you check if make sense and I can use the $N_c/|S|$ definition of the section "Counting the collisions" here? – Peter Krauss Apr 21 '18 at 16:36
  • I don't know what concept you're trying to invoke. Here's one candidate: $P_cH$, for random $H$, is the probability that there exist two elements $x, y \in S$ such that $H(x) = H(y)$. If $H$ is a uniform choice of all functions from $S$ to another set $T$, then this depends only on the number of elements $n$ in $S$ and $k$ in $T$; specifically, it is $1 - n!/(n^k k!)$. Since it depends only on number of elements in $S$, it is the same as the average of $P_cH$ for equal-sized sets $S_i$. If these are not what you mean, you need to say what you mean here. – Squeamish Ossifrage Apr 21 '18 at 16:41
  • Thanks @SqueamishOssifrage, yes, I need to define better the probability function. I am trying first in this other question, can you check if it is acceptable? The definition that you used is valid only for "perfect hashes" like SHA1, etc. but not for "bad hashes". – Peter Krauss Apr 21 '18 at 21:45

1 Answers1

1

No. On the contrary, if we model $H$ as a random function chosen independently of $Z$ and $S$, then $P_c[H\circ Z](S)=P_c[H](S)$.

Argument is that $P_c[H](S)$ is dependent only on the width of $H$ and the number of elements in $S$, as long as $H$ is modeled as a random function chosen independently of $S$. Define $S'$ as the set of $Z(s)$ for $s$ in $S$. It holds that $P_c[H\circ Z](S)=P_c[H](S')$, and because compression is reversible, $S'$ and $S$ have the same number of elements.

fgrieu
  • 140,762
  • 12
  • 307
  • 587
  • Hi @fgrieu, please check the cited question, where we have a discusstion about the "correct" probability function... So, your hypothesis ("$P_cH$ is dependent only on the width of $H$ and the number of elements in $S$") is wrong when we have the correct $P_c$ choice. I am using the strange term collision rate probability to avoid confusion with the "general probability". – Peter Krauss Apr 21 '18 at 16:00
  • @Peter Krauss: I did not find a precise definition of "collision rate probability" in the link. But I do understand the other question and there, we indeed have $P_cH\circ H\ge P_cH$ when $H$ is a random function independent of $S$. – fgrieu Apr 22 '18 at 01:55
  • Hi, thanks to confirm the assertion of the other question (good to remember constraint "when H is independent"), and sorry de lack of a precise definition here... I am trying it in other question, then I will back when solved the problem. See https://crypto.stackexchange.com/q/58566/42893 – Peter Krauss Apr 22 '18 at 12:23