Results 1 
3 of
3
A failurefriendly design principle for hash functions
, 2005
"... Abstract. This paper reconsiders the established MerkleDamg˚ard design principle for iterated hash functions. The internal state size w of an iterated nbit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security ..."
Abstract

Cited by 53 (5 self)
 Add to MetaCart
(Show Context)
Abstract. This paper reconsiders the established MerkleDamg˚ard design principle for iterated hash functions. The internal state size w of an iterated nbit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security against certain attacks, even if the compression function fails to be collision resistant. We propose the widepipe hash, internally using a wbit compression function, and the doublepipe hash, with w = 2n and an nbit compression function used twice in parallel.
Design principles for iterated hash functions
 CRYPTOLOGY EPRINT ARCHIVE
, 2004
"... This paper deals with the security of iterated hash functions against generic attacks, such as, e.g., Joux’ multicollision attacks from Crypto 04 [6]. The core idea is to increase the size of the internal state of an nbit hash function to w> n bit. Variations of this core idea allow the use of ..."
Abstract

Cited by 34 (1 self)
 Add to MetaCart
This paper deals with the security of iterated hash functions against generic attacks, such as, e.g., Joux’ multicollision attacks from Crypto 04 [6]. The core idea is to increase the size of the internal state of an nbit hash function to w> n bit. Variations of this core idea allow the use of a compression function with n output bits, even if the compression function itself is based on a block cipher. In a formal model, it is shown that these modifications quantifiably improve the security of iterated hash functions against generic attacks.
Designs of Efficient Secure Large Hash Values
, 2005
"... A double length hash function is a 2nbit hash function based on an nbit compression function. To increase the security level, designs of good double length hash functions are important. In this paper we construct a class of maximally secure double length hash functions in random oracle model based ..."
Abstract
 Add to MetaCart
A double length hash function is a 2nbit hash function based on an nbit compression function. To increase the security level, designs of good double length hash functions are important. In this paper we construct a class of maximally secure double length hash functions in random oracle model based on some good permutations. This class contains recently proposed double length hash functions [16, 25]. We also propose an efficient double length hash function and study its security level in the random oracle model. We prove that any attack algorithm in the random oracle model needs Ω(2 n /(s 2 n s)) time complexity, where s is some parameter related to the rate of the hash function. Thus there is a tradeoff between the efficiency and security. We use the notion of computable message [29] to make the security analysis of proposed hash functions. We also see that the security analysis of hash functions based on random permutations and hash functions based on random functions are very much related. 1