Indifferentiable Security Analysis of choppfMD, chopMD, a chopMDP, chopWPH, chopNI, chopEMD, chopCS, and chopESh Hash Domain Extensions
نویسندگان
چکیده
We provide simple and unified indifferentiable security analyses of choppfMD, chopMD, a chopMDP (where the permutation P is to be xored with any non-zero constant.), chopWPH (the chopped version of Wide-Pipe Hash proposed in [16]), chopEMD, chopNI, chopCS, chopESh hash domain extensions. Even though there are security analysis of them in the case of no-bit chopping (i.e., s = 0), there is no unified way to give security proofs. All our proofs in this paper follow the technique introduced in [3]. These proofs are simple and easy to follow.
منابع مشابه
Reset Indifferentiability from Weakened Random Oracle Salvages One-Pass Hash Functions
Ristenpart et al. showed that the limitation of the indifferentiability theorem of Maurer et al. which does not cover all multi-stage security notions Sm but covers only single-stage security notions Ss, defined reset indifferentiability, and proved the reset indifferentiability theorem, which is an analogy of the indifferentiability theorem covers all security notions S (= Ss ∪ Sm): F1 @r F2 ⇒...
متن کاملImproved Indifferentiability Security Analysis of chopMD Hash Function
The classical design principle Merkle-Damg̊ard [13, 6] is scrutinized by many ways such as Joux’s multicollision attack, Kelsey-Schneier second preimage attack etc. In TCC’04, Maurer et al. introduced a strong security notion called as “indifferentiability” for a hash function based on a compression function. The classical design principle is also insecure against this strong security notion whe...
متن کاملOn Indifferentiable Hash Functions in Multi-Stage Security Games
It had been widely believed that the indifferentiability framework ensures composition in any security game. However, Ristenpart, Shacham, and Shrimpton (EUROCRYPT 2011) demonstrated that for some multi-stage security, there exists a cryptosystem which is secure in the random oracle (RO) model but is broken when some indifferentiable hash function is used. However, this does not imply that for ...
متن کاملAdaptive Preimage Resistance Analysis Revisited: \\ Requirements, Subtleties and Implications
In the last few years, the need to design new cryptographic hash functions has led to the intense study of when desired hash multi-properties are preserved or assured under compositions and domain extensions. In this area, it is important to identify the exact notions and provide often complex proofs of the resulting properties. Getting this analysis right (as part of provable security studies)...
متن کاملSecurity Analysis of the Mode of JH Hash Function
Recently, NIST has selected 14 second round candidates of SHA3 competition. One of these candidates will win the competition and eventually become the new hash function standard. In TCC’04, Maurer et al introduced the notion of indifferentiability as a generalization of the concept of the indistinguishability of two systems. Indifferentiability is the appropriate notion of modeling a random ora...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008