Copy
Kan YASUDA, "Merkle-Damgård Hash Functions with Split Padding" in IEICE TRANSACTIONS on Fundamentals,
vol. E93-A, no. 1, pp. 76-83, January 2010, doi: 10.1587/transfun.E93.A.76.
Abstract: We introduce the "split padding" into a current Merkle-Damgård hash function H. The patched hash function satisfies the following properties: (i) is second-preimage-resistant (SPR) if the underlying compression function h satisfies an "SPR-like" property, and (ii) is one-way (OW) if h satisfies an "OW-like" property. The assumptions we make about h are provided with simple definitions and clear relations to other security notions. In particular, they belong to the class whose existence is ensured by that of OW functions, revealing an evident separation from the strong collision-resistance (CR) requirement. Furthermore, we get the full benefit from the patch at almost no expense: The new scheme requires no change in the internals of a hash function, runs as efficiently as the original, and as usual inherits CR from h.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E93.A.76/_p
Copy
@ARTICLE{e93-a_1_76,
author={Kan YASUDA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Merkle-Damgård Hash Functions with Split Padding},
year={2010},
volume={E93-A},
number={1},
pages={76-83},
abstract={We introduce the "split padding" into a current Merkle-Damgård hash function H. The patched hash function satisfies the following properties: (i) is second-preimage-resistant (SPR) if the underlying compression function h satisfies an "SPR-like" property, and (ii) is one-way (OW) if h satisfies an "OW-like" property. The assumptions we make about h are provided with simple definitions and clear relations to other security notions. In particular, they belong to the class whose existence is ensured by that of OW functions, revealing an evident separation from the strong collision-resistance (CR) requirement. Furthermore, we get the full benefit from the patch at almost no expense: The new scheme requires no change in the internals of a hash function, runs as efficiently as the original, and as usual inherits CR from h.},
keywords={},
doi={10.1587/transfun.E93.A.76},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - Merkle-Damgård Hash Functions with Split Padding
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 76
EP - 83
AU - Kan YASUDA
PY - 2010
DO - 10.1587/transfun.E93.A.76
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E93-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2010
AB - We introduce the "split padding" into a current Merkle-Damgård hash function H. The patched hash function satisfies the following properties: (i) is second-preimage-resistant (SPR) if the underlying compression function h satisfies an "SPR-like" property, and (ii) is one-way (OW) if h satisfies an "OW-like" property. The assumptions we make about h are provided with simple definitions and clear relations to other security notions. In particular, they belong to the class whose existence is ensured by that of OW functions, revealing an evident separation from the strong collision-resistance (CR) requirement. Furthermore, we get the full benefit from the patch at almost no expense: The new scheme requires no change in the internals of a hash function, runs as efficiently as the original, and as usual inherits CR from h.
ER -