Blockcipher-Based Hashing Revisited
نویسنده
چکیده
We revisit the rate-1 blockcipher based hash functions as first studied by Preneel, Govaerts and Vandewalle (Crypto’93) and later extensively analysed by Black, Rogaway and Shrimpton (Crypto’02). We analyse a further generalization where any preand postprocessing is considered. This leads to a clearer understanding of the current classification of rate-1 blockcipher based schemes as introduced by Preneel et al. and refined by Black et al. In addition, we also gain insight in chopped, overloaded and supercharged compression functions. In the latter category we propose two compression functions based on a single call to a blockcipher whose collision resistance exceeds the birthday bound on the cipher’s blocklength.
منابع مشابه
Tweakable Blockciphers for Efficient Authenticated Encryptions with Beyond the Birthday-Bound Security
Modular design via a tweakable blockcipher (TBC) offers efficient authenticated encryption (AE) schemes (with associated data) that call a blockcipher once for each data block (of associated data or a plaintext). However, the existing efficient blockcipher-based TBCs are secure up to the birthday bound, where the underlying keyed blockcipher is a secure strong pseudorandom permutation. Existing...
متن کاملOptimally Secure Tweakable Blockciphers
We consider the generic design of a tweakable blockcipher from one or more evaluations of a classical blockcipher, in such a way that all input and output wires are of size n bits. As a first contribution, we show that any tweakable blockcipher with one primitive call and arbitrary linear preand postprocessing functions can be distinguished from an ideal one with an attack complexity of about 2...
متن کاملNew Blockcipher Modes of Operation with Beyond the Birthday Bound Security
In this paper, we define and analyze a new blockcipher mode of operation for encryption, CENC, which stands for Cipher-based ENCryption. CENC has the following advantages: (1) beyond the birthday bound security, (2) security proofs with the standard PRP assumption, (3) highly efficient, (4) single blockcipher key, (5) fully parallelizable, (6) allows precomputation of keystream, and (7) allows ...
متن کاملEfficient Hashing Using the AES Instruction Set
In this work, we provide a software benchmark for a large range of 256-bit blockcipher-based hash functions. We instantiate the underlying blockcipher with AES, which allows us to exploit the recent AES instruction set (AESNI). Since AES itself only outputs 128 bits, we consider double-block-length constructions, as well as (single-block-length) constructions based on RIJNDAEL256. Although we p...
متن کاملThe Ideal-Cipher Model, Revisited: An Uninstantiable Blockcipher-Based Hash Function
The Ideal-Cipher Model of a blockcipher is a well-known and widely-used model dating back to Shannon [24] and has seen frequent use in proving the security of various cryptographic objects and protocols. But very little discussion has transpired regarding the meaning of proofs conducted in this model or regarding the model’s validity. In this paper, we briefly discuss the implications of proofs...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008