One can find a collision for the JH compression function only with two backward queries to the basing primitive. However, the security is significantly enhanced in iteration. For $c\leq n/2$, we prove that the JH hash function using an ideal $n$-bit permutation and producing $c$-bit outputs by truncation is collision resistant up to $O(2^{c/2})$ queries. This bound implies that the JH hash function provides the optimal collision resistance in the random permutation model.
Category / Keywords: secret-key cryptography / hash functions Date: received 10 Jan 2011 Contact author: jlee05 at ensec re kr Available formats: PDF | BibTeX Citation Version: 20110114:041323 (All versions of this report) Discussion forum: Show discussion | Start new discussion