MJH: A Faster Alternative to MDC-2

  • Jooyoung Lee
  • Martijn Stam
Conference paper

DOI: 10.1007/978-3-642-19074-2_15

Part of the Lecture Notes in Computer Science book series (LNCS, volume 6558)
Cite this paper as:
Lee J., Stam M. (2011) MJH: A Faster Alternative to MDC-2. In: Kiayias A. (eds) Topics in Cryptology – CT-RSA 2011. CT-RSA 2011. Lecture Notes in Computer Science, vol 6558. Springer, Berlin, Heidelberg


In this paper, we introduce a new class of double-block-length hash functions. In the ideal cipher model (for n-bit blocks), we prove that these hash functions, dubbed MJH, are provably collision resistant up to \(O(2^{\frac{2n}{3}-\log n})\) queries in the iteration.

When based on n-bit key blockciphers, our construction provides better provable security than MDC-2, the only known construction of a rate-1/2 double-length hash function based on an n-bit key blockcipher with non-trivial provable security. Moreover, since key scheduling is performed only once per message block for MJH, our proposal significantly outperforms MDC-2 in efficiency.

When based on a 2n-bit key blockcipher, we can use the extra n bits of key to increase the amount of payload accordingly. Thus we get a rate-1 hash function that is much faster than existing proposals, such as Tandem-DM, at the expense of (for the moment) reduced provable security.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Jooyoung Lee
    • 1
  • Martijn Stam
    • 2
  1. 1.The Attached Institute of Electronics and Telecommunications Research InstituteDaejeonKorea
  2. 2.Royal Holloway, University of LondonEghamUnited Kingdom

Personalised recommendations