Security Analysis of a 2/3-Rate Double Length Compression Function in the Black-Box Model
نویسندگان
چکیده
In this paper, we propose a 2/3-rate double length compression function and study its security in the black-box model. We prove that to get a collision attack for the compression function requires Ω(2) queries, where n is the single length output size. Thus, it has better security than a most secure single length compression function. This construction is more efficient than the construction given in [8]. Also the three computations of underlying compression functions can be done in parallel. The proof idea uses a concept of computable message which can be helpful to study security of other constructions like [8], [14], [16] etc.
منابع مشابه
Security Analysis of Double Length Compression Function Based on Block Cipher
Recently Nandi etc. have proposed a 1/3-rate and a 2/3-rate double length compression functions and studied their security in the black-box model. They proved that to find a collision for the compression function, it requires Ω(2) queries, where n is the length of output size. In this paper, we show that not all hash functions based on block cipher constructed according to their model are of th...
متن کاملProvably Secure Double-Block-Length Hash Functions in a Black-Box Model
In CRYPTO’89, Merkle presented three double-block-length hash functions based on DES. They are optimally collision resistant in a black-box model, that is, the time complexity of any collision-finding algorithm for them is Ω(2 ) if DES is a random block cipher, where is the output length. Their drawback is that their rates are low. In this article, new double-block-length hash functions with hi...
متن کاملDesigns of Efficient Secure Large Hash Values
A double length hash function is a 2n-bit hash function based on an n-bit compression function. To increase the security level, designs of good double length hash functions are important. In this paper we construct a class of maximally secure double length hash functions in random oracle model based on some good permutations. This class contains recently proposed double length hash functions [1...
متن کاملBuilding a Collision-Resistant Compression Function from Non-compressing Primitives
We consider how to build an efficient compression function from a small number of random, noncompressing primitives. Our main goal is to achieve a level of collision resistance as close as possible to the optimal birthday bound. We present a 2n-to-n bit compression function based on three independent n-to-n bit random functions, each called only once. We show that if the three random functions ...
متن کاملGeneric Security of NMAC and HMAC with Input Whitening
HMAC and its variant NMAC are the most popular approaches to deriving a MAC (and more generally, a PRF) from a cryptographic hash function. Despite nearly two decades of research, their exact security still remains far from understood in many different contexts. Indeed, recent works have re-surfaced interest for generic attacks, i.e., attacks that treat the compression function of the underlyin...
متن کامل