CORE
🇺🇦
make metadata, not war
Services
Services overview
Explore all CORE services
Access to raw data
API
Dataset
FastSync
Content discovery
Recommender
Discovery
OAI identifiers
OAI Resolver
Managing content
Dashboard
Bespoke contracts
Consultancy services
Support us
Support us
Membership
Sponsorship
Community governance
Advisory Board
Board of supporters
Research network
About
About us
Our mission
Team
Blog
FAQs
Contact us
Optimal Collision Security in Double Block Length Hashing with Single Length Key
Authors
B. Mennink
B. Preneel
+18 more
D. Jetchev
E. Andreeva
E. Fleischmann
F. Armknecht
J. Lee
J. Lee
J. Lee
J.P. Steinberger
J.W. Bos
M. Nandi
M. Stam
M. Stam
O. Özen
P. Rogaway
P. Rogaway
S. Hirose
S. Hirose
X. Lai
Publication date
1 January 2012
Publisher
'Springer Science and Business Media LLC'
Doi
Cite
Abstract
The idea of double block length hashing is to construct a compression function on 2n bits using a block cipher with an n-bit block size. All optimally secure double length hash functions known in the literature employ a cipher with a key space of double block size, 2n-bit. On the other hand, no optimally secure compression functions built from a cipher with an n-bit key space are known. Our work deals with this problem. Firstly, we prove that for a wide class of compression functions with two calls to its underlying n-bit keyed block cipher collisions can be found in about 2n/2 queries. This attack applies, among others, to functions where the output is derived from the block cipher outputs in a linear way. This observation demonstrates that all security results of designs using a cipher with 2n-bit key space crucially rely on the presence of these extra n key bits. The main contribution of this work is a proof that this issue can be resolved by allowing the compression function to make one extra call to the cipher. We propose a family of compression functions making three block cipher calls that asymptotically achieves optimal collision resistance up to 2n(1-ε) queries and preimage resistance up to 23n(1-ε)/2 queries, for any ε > 0. To our knowledge, this is the first optimally collision secure double block length construction using a block cipher with single length key space. © International Association for Cryptologic Research 2012.status: publishe
Similar works
Full text
Available Versions
Crossref
See this paper in CORE
Go to the repository landing page
Download from data provider
info:doi/10.1007%2F978-3-642-3...
Last time updated on 30/03/2019
Lirias
See this paper in CORE
Go to the repository landing page
Download from data provider
oai:lirias2repo.kuleuven.be:12...
Last time updated on 10/12/2019