In this paper we propose the HAsh Iterative FrAmework (HAIFA). Our framework can fix many of the flaws while supporting several additional properties such as defining families of hash functions and supporting variable hash size. HAIFA allows for an online computation of the hash function in one pass with a fixed amount of memory independently of the size of the message.
Besides our proposal, the recent attacks initiated research on the way compression functions are to be iterated. We show that most recent proposals such as randomized hashing, the enveloped Merkle-Damgard, and the RMC and ROX modes can be all be instantiated as part of the HAsh Iterative FrAmework (HAIFA).Category / Keywords: secret-key cryptography / Merkle-Damgard, randomized hashing, Enveloped Merkle-Damgard, RMC, ROX, Wide pipe, HAIFA Date: received 20 Jul 2007, last revised 8 Aug 2007 Contact author: orr dunkelman at esat kuleuven be Available format(s): PDF | BibTeX Citation Version: 20070808:171203 (All versions of this report) Short URL: ia.cr/2007/278 Discussion forum: Show discussion | Start new discussion