Indifferentiability of Single-Block-Length and Rate-1 Compression Functions
Summary :
The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They have shown that the Merkle-Damgård construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E90-A No.10 pp.2301-2308
- Publication Date
- 2007/10/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1093/ietfec/e90-a.10.2301
- Type of Manuscript
- PAPER
- Category
- Information Security
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Hidenori KUWAKADO, Masakatu MORII, "Indifferentiability of Single-Block-Length and Rate-1 Compression Functions" in IEICE TRANSACTIONS on Fundamentals,
vol. E90-A, no. 10, pp. 2301-2308, October 2007, doi: 10.1093/ietfec/e90-a.10.2301.
Abstract: The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They have shown that the Merkle-Damgård construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e90-a.10.2301/_p
Copy
@ARTICLE{e90-a_10_2301,
author={Hidenori KUWAKADO, Masakatu MORII, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Indifferentiability of Single-Block-Length and Rate-1 Compression Functions},
year={2007},
volume={E90-A},
number={10},
pages={2301-2308},
abstract={The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They have shown that the Merkle-Damgård construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.},
keywords={},
doi={10.1093/ietfec/e90-a.10.2301},
ISSN={1745-1337},
month={October},}
Copy
TY - JOUR
TI - Indifferentiability of Single-Block-Length and Rate-1 Compression Functions
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 2301
EP - 2308
AU - Hidenori KUWAKADO
AU - Masakatu MORII
PY - 2007
DO - 10.1093/ietfec/e90-a.10.2301
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E90-A
IS - 10
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - October 2007
AB - The security notion of indifferentiability was proposed by Maurer, Renner, and Holenstein in 2004. In 2005, Coron, Dodis, Malinaud, and Puniya discussed the indifferentiability of hash functions. They have shown that the Merkle-Damgård construction is not secure in the sense of indifferentiability. In this paper, we analyze the security of single-block-length and rate-1 compression functions in the sense of indifferentiability. We formally show that all single-block-length and rate-1 compression functions, which include the Davies-Meyer compression function, are insecure. Furthermore, we show how to construct a secure single-block-length and rate-1 compression function in the sense of indifferentiability. This does not contradict our result above.
ER -
English
