Paper 2006/467
Do We Need to Vary the Constants? (Methodological Investigation of Block-Cipher Based Hash Functions)
Donghoon Chang and Moti Yung
Abstract
The recent collision attacks on the MD hash function family do not depend
on the constants used in the function, but rather on its structure
(i.e., changing the constants will not affect the differential analysis
based attacks). Thus, it seems that the role of constants in maintaining
security and preventing these attacks is unclear, at best, for this case
and in particular fixing or varying the constants will not matter
for these analyses.
In this work we present a methodological investigation into the case
of the block-cipher based PGV hash function family, and investigate the
importance of constants in securing these designs.
To this end we consider the
twelve variants of the PGV family that yield a secure
hash in the generic ideal cipher case (as was shown by
Black, Rogaway and Shrimpton), but consider them under concrete
instantiation.
To investigate the role of constants in the key derivation procedure we
just ignore the constants. In this more uniform setting we further
consider a very regular cipher, namely AES modified to have Mixcolumn
also in the last round (which should still be a strong cipher).
Analyzing this modified-AES based hashing, we show that with about 16%
probability we can find collisions with complexity
Metadata
- Available format(s)
- PDF PS
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- Hash Function, Collision Attack, Block Cipher.
- Contact author(s)
- pointchang @ gmail com
- History
- 2006-12-11: revised
- 2006-12-11: received
- Short URL
- https://ia.cr/2006/467
- License
- CC BY
BibTeX
@misc{cryptoeprint:2006/467,
      author = {Donghoon Chang and Moti Yung},
      title = {Do We Need to Vary the Constants? (Methodological Investigation of Block-Cipher Based Hash Functions)},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/467},
      year = {2006},
      url = {https://eprint.iacr.org/2006/467}
}