Hash functions based on block ciphers: a synthetic approach
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Security of iterated hash functions based on block ciphers
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Collisions for the compression function of MD5
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions from PGV
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
The MD4 Message Digest Algorithm
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
How to Protect DES Against Exhaustive Key Search
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
A Construction of a Cioher From a Single Pseudorandom Permutation
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
The Collision Intractability of MDC-2 in the Ideal-Cipher Model
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Constructing Cryptographic Hash Functions from Fixed-Key Blockciphers
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Blockcipher-Based Hashing Revisited
Fast Software Encryption
Fast Software Encryption
Security of Cyclic Double Block Length Hash Functions
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Security/efficiency tradeoffs for permutation-based hashing
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
MJH: a faster alternative to MDC-2
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
The collision security of tandem-DM in the ideal cipher model
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Efficient hashing using the AES instruction set
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Some attacks against a double length hash proposal
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Security analysis of a 2/3-rate double length compression function in the black-box model
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Some plausible constructions of double-block-length hash functions
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Provably secure double-block-length hash functions in a black-box model
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
The preimage security of double-block-length compression functions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
We present Weimar-DM, a double length compression function using two calls to a block cipher with 2n-bit key and n-bit block size to compress a 3n-bit string to a 2n-bit one. For Weimar-DM, we show that for n=128, no adversary asking less than 2n−1.77=2126.23 queries can find a collision with probability greater than 1/2. This is the highest collision security bound ever shown for such a compression function. Even more important, our security analysis is much simpler than that for comparable functions as, e.g., Tandem-DM, Abreast-DM or Hirose-DM. We also give a preimage security analysis of Weimar-DM showing a near-optimal bound of 22n−5=2251 queries. Our security bounds are asymptotically optimal.