On the collision and preimage security of MDC-4 in the ideal cipher model

Author: Bart Mennink

DOI: 10.1007/S10623-013-9813-8

Abstract: We present a collision and preimage security analysis of MDC-4, a 24-years-old construction for transforming an n-bit block cipher into a 2n-bit hash function. We start with MDC-4 based on one single block cipher, and prove that any adversary with query access to the underlying block cipher requires at least $$2^{5n/8}$$ queries (asymptotically) to find a collision. For the preimage resistance, we present a surprising negative result: for a target image with the same left and right half, a preimage for the full MDC-4 hash function can be found in $$2^n$$ queries. Yet, restricted to target images with different left and right halves, we prove that at least $$2^{5n/4}$$ queries are required to find a preimage. Next, we consider MDC-4 based on two independent block ciphers, a model that is less general but closer to the original MDC-4 design, and prove that the bounds apply to the MDC-4 compression function and hash function design. With these results, we are the first to formally confirm that MDC-4 offers a higher level of provable security compared to MDC-2.
