International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

On the Design of Secure Double Block Length Hash Functions with Rate 1

Authors:
Zheng Gong
Xuejia Lai
Kefei Chen
Download:
URL: http://eprint.iacr.org/2008/110
Search ePrint
Search Google
Abstract: This paper reconsiders the security of the rate-1 double block length hash functions, which based on a block cipher with a block length of $n$-bit and a key length of $2n$-bit. Counter-examples and new attacks are presented on this general class of double block length hash functions with rate 1, which disclose there exist uncovered flaws in the former analysis given by Satoh \textit{et al.} and Hirose. Preimage and second preimage attacks are designed to break Hirose's two examples which were left as an open problem. Some refined conditions are proposed for ensuring this general class of the rate-1 hash functions to be optimally secure against the collision attack. In particular, two typical examples, which designed under the proposed conditions, are proven to be indifferentiable from the random oracle in the ideal cipher model. The security results are extended to a new class of double block length hash functions with rate 1, where one block cipher used in the compression function has the key length is equal to the block length, while the other is doubled.
BibTeX
@misc{eprint-2008-17787,
  title={On the Design of Secure Double Block Length Hash Functions with Rate 1},
  booktitle={IACR Eprint archive},
  keywords={Cryptanalysis, Block cipher, Hash construction, Double block length, Indifferentiability.},
  url={http://eprint.iacr.org/2008/110},
  note={ gongzheng@139.com 14030 received 12 Mar 2008, last revised 31 May 2008},
  author={Zheng Gong and Xuejia Lai and Kefei Chen},
  year=2008
}