2011 | OriginalPaper | Chapter
The Preimage Security of Double-Block-Length Compression Functions
Authors : Frederik Armknecht, Ewan Fleischmann, Matthias Krause, Jooyoung Lee, Martijn Stam, John Steinberger
Published in: Advances in Cryptology – ASIACRYPT 2011
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three “classical” double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose’s scheme. For Hirose’s scheme, we show that an adversary must make at least 2
2
n
− 5
block cipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least 2
2
n
− 10
queries are necessary. These bounds improve upon the previous best bounds of Ω(2
n
) queries, and are optimal up to a constant factor since the compression functions in question have range of size 2
2
n
.