Cryptology ePrint Archive: Report 2007/465

A Synthetic Indifferentiability Analysis of Some Block-Cipher-Based Hash Functions

Zheng Gong and Xuejia Lai and Kefei Chen

Abstract: At ASIACRYPT 2006, Chang et al. analyzed the indifferentiability of some popular hash functions based on block ciphers, namely, the twenty collision resistant PGV, the MDC2 and the PBGV hash functions, etc. In particular, two indifferentiable attacks were presented on the four of the twenty collision resistant PGV and the PBGV hash functions with the prefix-free padding. In this article, a synthetic indifferentiability analysis of some block-cipher-based hash functions is considered. First, a more precise definition is proposed on the indifferentiability adversary in block-cipher-based hash functions. Next, the advantage of indifferentiability is separately analyzed by considering whether the hash function is keyed or not. Finally, a limitation is observed in Chang et al.'s indifferentiable attacks on the four PGV and the PBGV hash functions. The formal proofs show the fact that those hash functions are indifferentiable from a random oracle in the ideal cipher model with the prefix-free padding, the NMAC/HMAC and the chop construction.

Category / Keywords: Block-cipher-based hash function, Indifferentiability, Random oracle.

Publication Info: The paper has been published on Designs, Codes & Cryptography, Springer. 48:3 September 2008

Date: received 11 Dec 2007, last revised 12 Aug 2009

Contact author: cis gong at gmail com

Available format(s): PDF | BibTeX Citation

Note: A mistake in the indifferentiability simulation of PGV and PBGV is fixed.

Version: 20090812:081652 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]