A Simple Variant of the Merkle–Damgård Scheme with a Permutation
We propose a new composition scheme for hash functions. It is a variant of the Merkle–Damgård construction with a permutation applied right before the processing of the last message block. We analyze the security of this scheme using the indifferentiability formalism, which was first applied by Coron et al. to the analysis of hash functions. We also study the security of simple MAC constructions built from this scheme. Finally, we discuss the random oracle indifferentiability of this scheme with a double-block-length compression function or the Davies–Meyer compression function composed of a block cipher.
Key words: Hash function, Merkle–Damgård construction, Random oracle, Ideal cipher, Indifferentiability, Pseudorandom function, MAC
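The following is an added sketch of the construction the abstract describes, not code from the paper. It contrasts plain Merkle–Damgård chaining with the variant that permutes the chaining value right before the last block, and checks whether a digest can still be reused as a chaining state. Assumptions: SHA-256 stands in for the compression function, the IV is all zeros, the permutation is XOR with a nonzero constant, inputs are block-aligned with no padding, and all names are hypothetical.

```python
import hashlib

BLOCK = 32                 # message block size in bytes (assumed)
STATE = 32                 # chaining value size in bytes (assumed)
IV = bytes(STATE)          # all-zero initial value (assumed)
C = b"\x5c" * STATE        # nonzero constant defining the permutation (assumed)


def compress(h: bytes, m: bytes) -> bytes:
    """Stand-in fixed-input-length compression function F(h, m)."""
    if len(h) != STATE or len(m) != BLOCK:
        raise ValueError("bad chaining value or block length")
    return hashlib.sha256(h + m).digest()


def pi(h: bytes) -> bytes:
    """Permutation on chaining values: XOR with the nonzero constant C."""
    return bytes(a ^ b for a, b in zip(h, C))


def split_blocks(msg: bytes) -> list:
    """Split a non-empty, block-aligned message (padding is out of scope)."""
    if not msg or len(msg) % BLOCK:
        raise ValueError("example handles non-empty block-aligned input only")
    return [msg[i:i + BLOCK] for i in range(0, len(msg), BLOCK)]


def md(msg: bytes) -> bytes:
    """Plain Merkle-Damgard chaining: the digest is the last chaining value."""
    h = IV
    for block in split_blocks(msg):
        h = compress(h, block)
    return h


def mdp(msg: bytes) -> bytes:
    """Variant: apply pi to the chaining value right before the last block."""
    blocks = split_blocks(msg)
    h = IV
    for block in blocks[:-1]:
        h = compress(h, block)
    return compress(pi(h), blocks[-1])


def digest_is_chaining_state(hash_fn, msg: bytes, ext: bytes) -> bool:
    """True if F(H(msg), ext) equals H(msg || ext) for one extra block ext."""
    return compress(hash_fn(msg), ext) == hash_fn(msg + ext)
```

With plain chaining the check holds for every input, which is the structural property that separates Merkle–Damgård from a random oracle; with the permutation in place the published digest no longer coincides with the internal state used to process further blocks.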