International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Zheng Gong

Affiliation: South China Normal University

Publications

Year
Venue
Title
2008
EPRINT
On the Design of Secure Double Block Length Hash Functions with Rate 1
Zheng Gong Xuejia Lai Kefei Chen
This paper reconsiders the security of the rate-1 double block length hash functions, which based on a block cipher with a block length of $n$-bit and a key length of $2n$-bit. Counter-examples and new attacks are presented on this general class of double block length hash functions with rate 1, which disclose there exist uncovered flaws in the former analysis given by Satoh \textit{et al.} and Hirose. Preimage and second preimage attacks are designed to break Hirose's two examples which were left as an open problem. Some refined conditions are proposed for ensuring this general class of the rate-1 hash functions to be optimally secure against the collision attack. In particular, two typical examples, which designed under the proposed conditions, are proven to be indifferentiable from the random oracle in the ideal cipher model. The security results are extended to a new class of double block length hash functions with rate 1, where one block cipher used in the compression function has the key length is equal to the block length, while the other is doubled.
2008
EPRINT
On the Design of Secure and Fast Double Block Length Hash Functions
Zheng Gong Xuejia Lai Kefei Chen
This paper reconsiders the security of the rate-1 double block length hash functions, which based on a block cipher with a block length of $n$-bit and a key length of $2n$-bit. Counter-examples and new attacks are presented on this general class of double block length hash functions with rate 1, which disclose there exist uncovered flaws in the former analysis given by Satoh \textit{et al.} and Hirose. Preimage and second preimage attacks are designed to break Hirose's two examples which were left as an open problem. Some refined conditions are proposed for ensuring this general class of the rate-1 hash functions to be optimally secure against the collision attack. In particular, two typical examples, which designed under the proposed conditions, are proven to be indifferentiable from the random oracle in the ideal cipher model. The security results are extended to a new class of double block length hash functions with rate 1, where one block cipher used in the compression function has the key length is equal to the block length, while the other is doubled.
2007
EPRINT
A Synthetic Indifferentiability Analysis of Block Cipher based Hash Functions
Zheng Gong Xuejia Lai Kefei Chen
Nowadays, investigating what construction is better to be a cryptographic hash function is red hot. In TCC'04, Maurer et al. first introduced the notion of indifferentiability as a generalization of the concept of the indistinguishability of two cryptosystems. In AsiaCrypt 06, Chang et al. analyzed the indifferentiability security of some popular block-cipher-based hash functions, such as PGV constructions and MDC-2. In this paper, we investigate Chang et al.'s analysis of PGV constructions and the PBGV double block length constructions. In particular, we point out a more precise adversarial advantage of indifferentiability, by considering the two situations that whether the hash function is either keyed or not. Furthermore, Chang et al. designed attacks on 4 PGV hash functions and PBGV hash function to prove they are differentiable from random oracle with prefix-free padding. We find a limitation in their differentiable attacks and construct our simulations to obtain the controversy results that those schemes are indifferentiable from random oracle with prefix-free padding and some other popular constructions.

Coauthors

Kefei Chen (3)
Xuejia Lai (3)