A Block-Cipher-Based Hash Function Using an MMO-Type Double-Block Compression Function
Abstract
Methods to construct a hash function using an existing block cipher have recently attracted some interest as an approach to implementing a hash function on constrained devices. It is often required to construct a hash function whose output length is larger than that of the underlying block cipher in order to provide a sufficient level of collision resistance with the use of an existing block cipher. This article presents a new mode of double-block compression function, which is based on the mode proposed by Jonsson and Robshaw at PKC 2005. The mode can be instantiated with a block cipher whose key length is larger than its block length, such as AES-192/256, PRESENT-128, etc. This article also provides provable security analyses of an iterated hash function using the proposed mode and the MDP domain extension. The security properties discussed are collision resistance, the pseudorandom-function property of the keyed-via-IV mode, and indifferentiability from a random oracle. It is shown, for instance, that the query complexity to differentiate the iterated hash function from a random oracle is optimal up to a constant factor in the ideal cipher model.
- 2012-02-23
Authors
- Hirose Shoichi
  Graduate School of Engineering, The Univ. of Fukui
- Kuwakado Hidenori
  Graduate School of Engineering, Kobe University
Related papers
- Differentiability of four prefix-free PGV hash functions
- A note on practical key derivation functions (Information Processing)
- A Note on the Strength of Weak Collision Resistance (Discrete Mathematics and Its Applications)
- An Approximate Scheme of Oblivious Transfer with Probabilistic Receipt (Information Security)
- An Approximate Scheme of Oblivious Transfer with Probabilistic Receipt
- A note on practical key derivation functions (Information Security)
- Cancellation Moderating Factor Control for DS-CDMA Non-linear Interference Canceller with Antenna Diversity Reception (Wireless Communication Technology, Multi-dimensional Mobile Information Networks)
- Multistage Interference Canceller Combined with Adaptive Array Antenna for DS-CDMA System (Special Section on Multi-dimensional Mobile Information Networks)
- A Chosen-IV Key Recovery Attack on Py and Pypy
- Efficient Pseudorandom-Function Modes of a Block-Cipher-Based Hash Function
- A-6-8 Improved Bitslice Network for Computing the TIB3 S-Box
- Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets
- S-Box Bitslice Networks as Network Computing
- Compression Functions Suitable for the Multi-Property-Preserving Transform
- Sequential Bitwise Sanitizable Signature Schemes
- Generalized Classes of Weak Keys on RC4 Using Predictive State
- A-7-1 Related-Key Cube Attack on KATAN48
- A Note on Practical Key Derivation Functions
- An AES Based 256-bit Hash Function for Lightweight Applications: Lesamnta-LW
- Collision Resistance of Hash Functions in a Weak Ideal Cipher Model
- An AES Based 256-bit Hash Function for Lightweight Applications : Lesamnta-LW
- A Block-Cipher-Based Hash Function Using an MMO-Type Double-Block Compression Function
- Secure Regenerating Codes Based on Rashmi-Shah-Kumar MBR Codes
- Lightweight Hashing Mode Using Lesamnta-LW Compression Function and MDP Domain Extension
- Multilane Hashing Mode Suitable for Parallel Processing
- Lightweight Hashing Mode Using Lesamnta-LW Compression Function and MDP Domain Extension (Life Intelligence and Office Information Systems)