The collision security of Tandem-DM in the ideal cipher model

CryptoDB

The collision security of Tandem-DM in the ideal cipher model

Authors:	Jooyoung Lee John P. Steinberger Martijn Stam
Download:	URL: http://eprint.iacr.org/2010/409 Search ePrint Search Google
Abstract:	We prove that Tandem-DM, one of the two ``classical'' schemes for turning a blockcipher of $2n$-bit key into a double block length hash function, has birthday-type collision resistance in the ideal cipher model. A collision resistance analysis for Tandem-DM achieving a similar birthday-type bound was already proposed by Fleischmann, Gorski and Lucks at FSE 2009. As we detail, however, the latter analysis is wrong, thus leaving the collision resistance of Tandem-DM as an open problem until now.

BibTeX

@misc{eprint-2010-23310,
  title={The collision security of Tandem-DM in the ideal cipher model},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / hash functions, block ciphers},
  url={http://eprint.iacr.org/2010/409},
  note={ jpsteinb@gmail.com 14814 received 22 Jul 2010, last revised 23 Jul 2010},
  author={Jooyoung Lee and John P. Steinberger and Martijn Stam},
  year=2010
}

International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

The collision security of Tandem-DM in the ideal cipher model

BibTeX

International Association for Cryptologic Research

International Associationfor Cryptologic Research

CryptoDB

The collision security of Tandem-DM in the ideal cipher model

BibTeX

International Association
for Cryptologic Research