Abstract
Constructions for hash functions based on a block cipher are studied where the size of the hashcode is equal to the block length of the block cipher and where the key size is approximately equal to the block length. A general model is presented, and it is shown that this model covers 9 schemes that have appeared in the literature. Within this general model 64 possible schemes exist, and it is shown that 12 of these are secure; they can be reduced to 2 classes based on linear transformations of variables. The properties of these 12 schemes with respect to weaknesses of the underlying block cipher are studied. The same approach can be extended to study keyed hash functions (MAC’s) based on block ciphers and hash functions based on modular arithmetic. Finally a new attack is presented on a scheme suggested by R. Merkle.
N.F.W.O. postdoctoral researcher, sponsored by the National Fund for Scientific Research (Belgium).
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Preneel, B., Govaerts, R., Vandewalle, J. (1994). Hash functions based on block ciphers: a synthetic approach. In: Stinson, D.R. (eds) Advances in Cryptology — CRYPTO’ 93. CRYPTO 1993. Lecture Notes in Computer Science, vol 773. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48329-2_31
DOI: https://doi.org/10.1007/3-540-48329-2_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57766-9
Online ISBN: 978-3-540-48329-8
eBook Packages: Springer Book Archive