Hash Functions Based on Block Ciphers

  • Xuejia Lai
  • James L. Massey
Conference paper

DOI: 10.1007/3-540-47555-9_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 658)
Cite this paper as:
Lai X., Massey J.L. (1993) Hash Functions Based on Block Ciphers. In: Rueppel R.A. (eds) Advances in Cryptology — EUROCRYPT’ 92. EUROCRYPT 1992. Lecture Notes in Computer Science, vol 658. Springer, Berlin, Heidelberg


Iterated hash functions based on block ciphers are treated. Five attacks on an iterated hash function and on its round function are formulated. The wisdom of strengthening such hash functions by constraining the last block of the message to be hashed is stressed. Schemes for constructing m-bit and 2m-bit hash round functions from m-bit block ciphers are studied. A principle is formalized for evaluating the strength of hash round functions, viz., that applying computationally simple (in both directions) invertible transformations to the input and output of a hash round function yields a new hash round function with the same security. By applying this principle, four attacks on three previously proposed 2m-bit hash round functions are formulated. Finally, three new hash round functions based on an m-bit block cipher with a 2m-bit key are proposed.
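The equivalence principle stated in the abstract can be checked on a toy scale. The following is an added example, not code from the paper: the 16-bit Feistel cipher, the Davies-Meyer-style round function h, and the transformations t_in and t_out are all assumptions chosen for illustration. It shows that a collision found for the transformed round function maps directly to a collision for the original one, and vice versa.

```python
M_BITS, MASK = 16, 0xFFFF  # toy block size m = 16 bits (constructed for illustration)

def rotl(x, r):
    return ((x << r) | (x >> (M_BITS - r))) & MASK

def rotr(x, r):
    return ((x >> r) | (x << (M_BITS - r))) & MASK

def toy_encrypt(key, block):
    """4-round Feistel on 8-bit halves: a stand-in cipher, not a real one."""
    left, right = block >> 8, block & 0xFF
    for rnd in range(4):
        k = (key >> (4 * rnd)) & 0xFF
        f = (right * 167 + k * 13 + rnd) & 0xFF
        left, right = right, left ^ f ^ (f >> 3)
    return (left << 8) | right

def h(chain, msg):
    """Round function under study (assumed form): E_msg(chain) XOR chain."""
    return toy_encrypt(msg, chain) ^ chain

def t_in(chain, msg):      # simple invertible input transformation (assumed)
    return chain ^ msg, rotl(msg, 3)

def t_in_inv(chain, msg):  # exact inverse of t_in
    m = rotr(msg, 3)
    return chain ^ m, m

def t_out(x):              # simple invertible output transformation (assumed)
    return rotl(x, 5) ^ 0xA5A5

def h_new(chain, msg):     # transformed round function: t_out . h . t_in
    return t_out(h(*t_in(chain, msg)))

def find_collision(f):
    """Exhaustive search; 2^17 inputs into 2^16 outputs must collide."""
    seen = {}
    for i in range(1 << 17):
        inp = (i >> 16, i & MASK)
        out = f(*inp)
        if out in seen:
            return seen[out], inp
        seen[out] = inp

def collision_on_h_from_h_new():
    # Any colliding pair for h_new, pushed through t_in, collides under h.
    a, b = find_collision(h_new)
    return t_in(*a), t_in(*b)

def collision_on_h_new_from_h():
    # Conversely, a colliding pair for h, pulled back through t_in_inv.
    a, b = find_collision(h)
    return t_in_inv(*a), t_in_inv(*b)
```

Because t_in and t_out are bijections that are cheap to compute in both directions, the cost of the transfer is negligible next to the search, which is why the two round functions have the same strength.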

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Xuejia Lai (1)
  • James L. Massey (1)
  1. Signal and Information Processing Laboratory, Swiss Federal Institute of Technology, Zürich, Switzerland