Near-Collision Attack and Collision-Attack on Double Block Length Compression Functions based on the Block Cipher IDEA

نویسنده

  • Donghoon Chang
چکیده

IDEA is a block cipher designed by Xuejia Lai and James L. Massey and was first described in 1991. IDEA does not vary the constant in its key schedule. In [1], Donghoon Chang and Moti Yung showed that there may be a weakness of hash function based on block cipher whose key schedule does not use various constants. Based on their result, we investigate the security of double block length compression functions based on the block cipher IDEA such that the key size of IDEA is 128 bits and its block length is 64 bits. We use the double block length hash functions proposed by Shoichi Hirose in the second hash workshop in 2006 [2]. Then, we can easily find a near-collision by hand. And also, for a constant c of DBL hash functions, we can find a collision by hand. This means that the constant c may be used as a trapdoor to make the attacker find collision easily.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Optimal Collision Security in Double Block Length Hashing with Single Length Key

The idea of double block length hashing is to construct a compression function on 2n bits using a block cipher with an n-bit block size. All optimally secure double length hash functions known in the literature employ a cipher with a key space of double block size, 2n-bit. On the other hand, no optimally secure compression functions built from a cipher with an n-bit key space are known. Our wor...

متن کامل

Some Plausible Constructions of Double-Block-Length Hash Functions

In this article, it is discussed how to construct a compression function with 2n-bit output using a component function with n-bit output. The component function is either a smaller compression function or a block cipher. Some constructions are presented which compose collision-resistant hash functions: Any collision-finding attack on them is at most as efficient as a birthday attack in the rand...

متن کامل

Collision Resistance of Double-Block-Length Hash Function against Free-Start Attack

In this article, we discuss the security of double-blocklength (DBL) hash functions against the free-start collision attack. We focus on the DBL hash functions composed of compression functions of the form F(x) = ( f (x), f (p(x))), where f is a smaller compression function and p is a permutation. We first show, in the random oracle model, that a significantly good upper bound can be obtained o...

متن کامل

A Class of secure Double Length Hash Functions

In this paper we constructed a class of double length hash functions which are maximally secure i.e. the birthday attack is the best possible attack. Recently, Joux [6] in Crypto-04 showed a multicollision attack on the classical iterated hash function which can be used to get the collision on the concatenated double length hash functions. Very recently, Lucks [10] also designed a double-pipe h...

متن کامل

On the Design of Secure and Fast Double Block Length Hash Functions

In this work the security of the rate-1 double block length hash functions, which based on a block cipher with a block length of n-bit and a key length of 2n-bit, is reconsidered. Counter-examples and new attacks are presented on this general class of double block length hash functions with rate 1, which disclose uncovered flaws in the necessary conditions given by Satoh et al. and Hirose. Prei...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • IACR Cryptology ePrint Archive

دوره 2006  شماره 

صفحات  -

تاریخ انتشار 2006