Cryptology ePrint Archive: Report 2010/566
Blockcipher-based Double-length Hash Functions for Pseudorandom Oracles
Abstract: The notion of PRO (pseudorandom oracle) is an important security notion of hash functions
because a PRO hash function inherits all properties of a random oracle up to the PRO bound (e.g., security against generic attacks, collision resistant security, preimage resistant security and so on).
In this paper, we propose a new block cipher-based double-length hash function for PROs.
Our hash function uses a single block cipher, which encrypts an $n$-bit string using a $2n$-bit key, and maps an input of arbitrary length to a $2n$-bit output.
Since many block ciphers supports a $2n$-bit key (e.g. AES supports a $256$-bit key),
the assumption to use the $2n$-bit key length block cipher is acceptable.
We prove that our hash function is PRO up to $\order(2^n)$ query complexity as long as the block cipher is an ideal cipher.
To our knowledge, this is the first time double-length hash function based on a single (practical size) block cipher with the birthday type PRO security.
Category / Keywords: secret-key cryptography /
Date: received 7 Nov 2010, last revised 10 May 2011
Contact author: tolucky tigers at gmail com
Available format(s): PDF | BibTeX Citation
Version: 20110511:021845 (All versions of this report)
Short URL: ia.cr/2010/566
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]