Doubling Reduction Amount of Hash Functions

Suppose we are given a particular fixed-length hash function h : 256-bits→ 128-bits. How can we use h to compute a 128-bit strong collision-free hash of a 512-bit input block? We consider several possible ways to extend h to a hash function H : 512-bits→ 128-bits. In the following, we suppose that m is 512-bits long, and we write m = m1m2, where m1 and m2 are 256 bits each. Method 1 Define H(m) = H(m1m2) = h(m1) ⊕ h(m2). Unfortunately, this fails to be either strong or weak collision-free since m′ = m2m1 always collides with m under H (except in the special case that m1 = m2. Method 2 Define H(m) = H(m1m2) = h(h(m1)h(m2)).