2010 | OriginalPaper | Book chapter
Collision Resistant Double-Length Hashing
Written by: Ewan Fleischmann, Christian Forler, Michael Gorski, Stefan Lucks
Published in: Provable Security
Publisher: Springer Berlin Heidelberg
We give collision resistance bounds for blockcipher based, double-call, double-length hash functions using (k, n)-bit blockciphers with k > n. Özen and Stam recently proposed a framework [21] for such hash functions that use 3n-to-2n-bit compression functions and two parallel calls to two independent blockciphers with 2n-bit key and n-bit block size.
We take their analysis one step further. We first relax the requirement of two distinct and independent blockciphers. We then extend this framework to also allow the ciphertext of the first blockcipher call to be used as an input to the second blockcipher call.
As far as we know, our extended framework currently covers any double-length, double-call blockcipher based hash function known in the literature that uses a (2n, n)-bit blockcipher, such as Abreast-DM, Tandem-DM [15], Cyclic-DM [9] and Hirose's FSE'06 proposal [13].
Our generic analysis gives a simpler proof than the FSE'09 analysis of Tandem-DM while also tightening the security bound. The collision resistance bound for Cyclic-DM given in [9] diminishes with an increasing cycle length c. We improve this bound for cycle lengths larger than 2^6.