International Association for Cryptologic Research

CryptoDB

Indifferentiability of Single-Block-Length and Rate-1 Compression Functions

Authors:
Hidenori Kuwakado
Masakatu Morii
Download:
URL: http://eprint.iacr.org/2006/485
Abstract: The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They showed that the Merkle-Damgaard construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.
BibTeX
@misc{eprint-2006-21976,
  title={Indifferentiability of Single-Block-Length and Rate-1 Compression Functions},
  booktitle={IACR Eprint archive},
  keywords={hash functions},
  url={http://eprint.iacr.org/2006/485},
  note={ kuwakado@kobe-u.ac.jp 13521 received 25 Dec 2006, last revised 7 Jan 2007},
  author={Hidenori Kuwakado and Masakatu Morii},
  year=2006
}