International Conference on the Theory and Application of Cryptology and Information Security

ASIACRYPT 2005: Advances in Cryptology - ASIACRYPT 2005 pp 474-494

A Failure-Friendly Design Principle for Hash Functions

  • Stefan Lucks
Conference paper

DOI: 10.1007/11593447_26

Volume 3788 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Lucks S. (2005) A Failure-Friendly Design Principle for Hash Functions. In: Roy B. (eds) Advances in Cryptology - ASIACRYPT 2005. ASIACRYPT 2005. Lecture Notes in Computer Science, vol 3788. Springer, Berlin, Heidelberg


This paper reconsiders the established Merkle-Damgård design principle for iterated hash functions. The internal state size w of an iterated n-bit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security against certain attacks, even if the compression function fails to be collision resistant. We propose the wide-pipe hash, internally using a w-bit compression function, and the double-pipe hash, with w=2n and an n-bit compression function used twice in parallel.


hash functionprovable securitymulti-collisionfailure- friendliness
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Stefan Lucks
    • 1
  1. 1.University of MannheimGermany