Browse > Article
http://dx.doi.org/10.13089/JKIISC.2004.14.1.101

Construction of UOWHF based on Block Cipher  

이원일 (고려대학교 정보보호기술연구센터)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.14, no.1, 2004 , pp. 101-111 More about this Journal
Abstract
Preneel, Govaerts, and Vandewalle considered the 64 basic ways to construct a collision resistant hash function from a block cipher. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. Black, Rogaway, and Shrimpton presented a more proof-centric look at the schemes from PGV. They proved that, in the black box model of block cipher, 12 of 64 compression functions are CRHFs and 20 of 64 extended hash functions are CRHFs. In this paper, we present 64 schemes of block-cipher-based universal one way hash functions using the main idea of PGV and analyze these schemes in the black box model. We will show that 30 of 64 compression function families UOWHF and 42 of 64 extended hash function families are UOWHF. One of the important results is that, in this black box model, we don't need the mask keys for the security of UOWHF in contrast with the results in general security model of UOWHF. Our results also support the assertion that building an efficient and secure UOWHF is easier than building an efficient and secure CRHF.
Keywords
Block cipher; Cryptographic hash function; CRHF; UOWHF; Proving security;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. Bellare. and P. Rogaway, 'Collision resistent hashing: towards making UOWHFs practical,' Proceedings of CRYPT0'97. pp 470-484. 1997
2 Donghoon Chang, Jaechul Sung, Soo-hak Sung, Sangjin Lee, Jongin Lim. 'Full-Round Differential Attack on the Original Version of the Hash Function Proposed at PKC'98,' SAC2002. pp. 168-182, 2002
3 I. B. Damgard. 'A design principle for hash functions,' CRYPT0'89. LNCS 435, pp.416-427, 1990
4 J. Kilian and P. Rogaway, 'How to protect DES against exhaustive key search,' Journal of Cryptology. 14(1): pp. 17-35, 2001. Earlier version in CRYPTO' 96   DOI   ScienceOn
5 W. Lee, D. Chang. S. Lee, S. Sung, and M. Nandi. 'New Prallel Domain Extender for UOWHF,' ASIACRYPT'03, LNCS 2894. pp. 208-227, Dec 2003
6 R. Winternitz, 'A secure one-way hash function built from DES,' In Proceedings of the IEEE Symposium on Information Security and Privacy. IEEE Press, pp. 88-90, 1984
7 S. Even and Y. Mansour, 'A Construction of a cipher from a single pseudorandom pormutation,' ASIACRYPT'91, LNCS Vol. 739, pp. 210-224, 1992
8 V.Shoup. 'A composition theorem for universal one-way hash functions, EUROCRYPT 2000, pp. 445-452, 2000
9 R. C. Merkle. 'One way hash functions and DES,' CRYPT0'89, 1989
10 F. Chabaud and A. Joux. 'Differential Collisions in SHA-O,' CRYPT0'98, LNCS 1462. Springer-Verlag, pp. 56-71, 1998
11 C. Shannon, 'Communication Theory of Secrecy Syetems,' Bell Systems Technical Journal, 28(4): pp. 656-715, 1949   DOI
12 B. Preneel, R. Govaerts and J. Vandewalle, 'Hash functions based on block ciphers:A synthetic approach,' CRYPT0'93, LNCS, pp. 368-378. 1994
13 I. Mironov. 'Hash functions: from Merkle-Damgard to Shoup,' EUROCRYPT 2001. pp. 166-181, 2001
14 M. Naor and M. Yung. 'Universal one-way hash functions and their cryptographic applications,' ACM Symposium on Theory of Computing. pp. 33-43. 1989
15 I. B. Damgard. 'Collision free hash functions and public key signature schemes,' EUR0CRYPT'87, LNCS,304, pp. 203-216, 1988
16 J. Black, P. Rogaway and T. Shrimpton, 'Black-Box Analysis of the Block- Cipher-Based Hash-Function Constructions from PGV,' CRYPT0'02, LNCS Vo1.2442, pp. 320-335, 2002
17 H. Dobbertin. 'Cryptanalysis of MD4,' Fast Software Encryption, LNCS 1039, Springer- Verlag, pp. 53-69, 1996