A failure-friendly design principle for hash functions

  • Authors:
  • Stefan Lucks

  • Affiliations:
  • University of Mannheim, Germany

  • Venue:
  • ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

This paper reconsiders the established Merkle-Damgård design principle for iterated hash functions. The internal state size w of an iterated n-bit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security against certain attacks, even if the compression function fails to be collision resistant. We propose the wide-pipe hash, internally using a w-bit compression function, and the double-pipe hash, with w=2n and an n-bit compression function used twice in parallel.