International Conference on the Theory and Application of Cryptology and Information Security

ASIACRYPT 2011: Advances in Cryptology – ASIACRYPT 2011 pp 233-251

The Preimage Security of Double-Block-Length Compression Functions

  • Frederik Armknecht
  • Ewan Fleischmann
  • Matthias Krause
  • Jooyoung Lee
  • Martijn Stam
  • John Steinberger
Conference paper

DOI: 10.1007/978-3-642-25385-0_13

Volume 7073 of the book series Lecture Notes in Computer Science (LNCS)

Abstract

We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three “classical” double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose’s scheme. For Hirose’s scheme, we show that an adversary must make at least 22n − 5 block cipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least 22n − 10 queries are necessary. These bounds improve upon the previous best bounds of Ω(2n) queries, and are optimal up to a constant factor since the compression functions in question have range of size 22n.

Keywords

Hash FunctionPreimage ResistanceBlock CipherBeyond Birthday BoundFoundations
Download to read the full conference paper text

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Frederik Armknecht
    • 1
  • Ewan Fleischmann
    • 2
  • Matthias Krause
    • 1
  • Jooyoung Lee
    • 3
  • Martijn Stam
    • 4
  • John Steinberger
    • 5
  1. 1.Arbeitsgruppe Theoretische Informatik und DatensicherheitUniversity of MannheimGermany
  2. 2.Chair of Media SecurityBauhaus-University WeimarGermany
  3. 3.Faculty of Mathematics and StatisticsSejong UniversitySeoulKorea
  4. 4.Dept. of Computer ScienceUniversity of BristolUnited Kingdom
  5. 5.Institute of Theoretical Computer ScienceTsinghua UniversityBeijingChina