On the Weak Ideal Compression Functions

Authors:
Akira Numayama;Keisuke Tanaka
Affiliations:
Department of Mathematical and Computing Sciences, Tokyo Institute of Technology, Tokyo, Japan 152-8552;Department of Mathematical and Computing Sciences, Tokyo Institute of Technology, Tokyo, Japan 152-8552
Venue:
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Year:
2009

Citing 9
Cited 0

A Design Principle for Hash Functions

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On the Strength of the Concatenated Hash Combiner When All the Hash Functions Are Weak

ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Constructing an ideal hash function from weak ideal compression functions

SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Security of digital signature schemes in weakened random oracle models

PKC'08 Proceedings of the Practice and theory in public key cryptography, 11th international conference on Public key cryptography
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Merkle-Damgård revisited: how to construct a hash function

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Second preimages on n-bit hash functions for much less than 2n work

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Herding hash functions and the nostradamus attack

EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

In SAC 2006, Liskov introduced the weak ideal compression functions. He proved that a hash construction based on these functions is indifferentiable from the random oracle. In ICALP 2008, Hoch and Shamir applied Liskov's idea and proved the indifferentiability of another hash construction. However, these proofs of indifferentiability can have gaps in certain situations. In this paper, we formalize these situations and propose the simulation method which covers these situations. In particular, we apply our simulation method to the latter proof of indifferentiability, and concretely analyze the security of the latter hash construction. We can derive a lower bound to find a collision in the concatenated hash construction, which covers the gaps of the original proof.