Cryptography and Coding

Volume 5921 of the series Lecture Notes in Computer Science pp 176-201

Another Glance at Double-Length Hashing

  • Onur ÖzenAffiliated withLACAL, EPFL
  • , Martijn StamAffiliated withLACAL, EPFL

* Final gross prices may vary according to local VAT.

Get Access


We propose a novel framework for blockcipher-based double-length hash functions by extending the recent generalization presented by Stam at FSE ’09 for single-call hash functions. We focus on compression functions compressing 3n bits to 2n bits that use one or two calls to a 2n-bit key, n-bit block blockcipher. In case of a single call, we concentrate on security in the iteration. In case of two calls, we restrict ourselves to two parallel calls (initially to distinct and independent blockciphers). We analyse the kind of pre- and postprocessing functions that are sufficient to obtain close to optimal collision resistance, either in the compression function or in the iteration. Our framework can be used to get a clearer understanding of a large class of double-length hash functions of this type.