Indifferentiability of Single-Block-Length and Rate-1 Compression Functions

スポンサーリンク

概要

• 論文の詳細を見る

• The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They have shown that the Merkle-Damgard construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.

• 社団法人電子情報通信学会の論文
• 2007-10-01

著者

• Morii Masakatu

  Kobe University

• Kuwakado Hidenori

  Kobe University

関連論文

• Threshold Ring Signature Scheme Based on the Curve (特集:新たな脅威に立ち向かうコンピュータセキュリティ技術)
• Indifferentiability of Single-Block-Length and Rate-1 Compression Functions
• Secure Length-Preserving All-or-Nothing Transform (特集 多様な社会的責任を担うコンピュータセキュリティ技術)
• Slide Property of RAKAPOSHI and Its Application to Key Recovery Attack
• Slide Property of RAKAPOSHI and Its Application to Key Recovery Attack
• Secure Length-Preserving All-or-Nothing Transform
• Secure Length-Preserving All-or-Nothing Transform
• Length-preserving CBC Enciphering Scheme and Its Security Analysis
• Length-preserving CBC Enciphering Scheme and Its Security Analysis

スポンサーリンク