Cryptology ePrint Archive: Report 2008/012

The Encrypted Elliptic Curve Hash

Daniel R. L. Brown

Abstract: Bellare and Micciancio's MuHASH applies a pre-existing hash function to map indexed message blocks into a secure group. The resulting hash is the product. Bellare and Micciancio proved, in the random oracle model, that MuHASH is collision-resistant if the group's discrete logarithm problem is infeasible. MuHASH, however, relies on a pre-existing hash being collision resistant. In this paper, we remove such a reliance by replacing the pre-existing hash with a block cipher under a fixed key. We adapt Bellare and Micciancio's collision-resistance proof to the ideal cipher model. Preimage resistance requires us to add a further modification.

Category / Keywords: secret-key cryptography / Hash function, collision resistance

Date: received 7 Jan 2008, last revised 29 Apr 2008

Contact author: dbrown at certicom com

Available format(s): PDF | BibTeX Citation

Note: Now cited Ristenpart and Shrimpton

Version: 20080429:183902 (All versions of this report)

Short URL: ia.cr/2008/012

Discussion forum: Show discussion | Start new discussion