Designs, Codes and Cryptography

, Volume 76, Issue 2, pp 179–205

MJH: a faster alternative to MDC-2


DOI: 10.1007/s10623-014-9936-6

Cite this article as:
Lee, J. & Stam, M. Des. Codes Cryptogr. (2015) 76: 179. doi:10.1007/s10623-014-9936-6


In this paper, we introduce a new class of double-block-length hash functions. Using the ideal cipher model, we prove that these hash functions, dubbed MJH, are asymptotically collision resistant up to \(O(2^{n(1-\epsilon )})\) query complexity for any \(\epsilon >0\) in the iteration, where \(n\) is the block size of the underlying blockcipher. When based on \(n\)-bit key blockciphers, our construction, being of rate 1/2, provides better provable security than MDC-2, the only known construction of a rate-1/2 double-length hash function based on an \(n\)-bit key blockcipher with non-trivial provable security. Moreover, since key scheduling is performed only once per message block for MJH, our proposal significantly outperforms MDC-2 in efficiency. When based on a \(2n\)-bit key blockcipher, we can use the extra \(n\) bits of key to increase the amount of payload accordingly. Thus we get a rate-1 hash function that is much faster than existing proposals, such as Tandem-DM with comparable provable security. This is the full version of Lee and Stam (A faster alternative to MDC-2, 2011).


Hash function Blockcipher Provable security Collision resistance 

Mathematics Subject Classification


Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  1. 1.Sejong UniversitySeoulKorea
  2. 2.University of BristolBristolUK

Personalised recommendations