Multi-Property-Preserving Hash Domain Extension and the EMD Transform (2006)
| Venue: | Advances in Cryptology – ASIACRYPT 2006 |
| Citations: | 43 - 9 self |
BibTeX
@INPROCEEDINGS{Bellare06multi-property-preservinghash,
author = {Mihir Bellare and Thomas Ristenpart},
title = {Multi-Property-Preserving Hash Domain Extension and the EMD Transform},
booktitle = {Advances in Cryptology – ASIACRYPT 2006},
year = {2006},
pages = {299--314},
publisher = {Springer-Verlag}
}
Years of Citing Articles
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
Abstract We point out that the seemingly strong pseudorandom oracle preserving (PRO-Pr) propertyof hash function domain-extension transforms defined and implemented by Coron et. al. [12] can actually weaken our guarantees on the hash function, in particular producing a hash functionthat fails to be even collision-resistant (CR) even though the compression function to which the transform is applied is CR. Not only is this true in general, but we show that all the transformspresented in [12] have this weakness. We suggest that the appropriate goal of a domain extension transform for the next generation of hash functions is to be multi-property preserving, namelythat one should have a single transform that is simultaneously at least collision-resistance preserving, pseudorandom function preserving and PRO-Pr. We present an efficient new transformthat is proven to be multi-property preserving in this sense.
