Paper 2009/265

Revisiting the Indifferentiability of PGV Hash Functions

Yiyuan Luo, Zheng Gong, Ming Duan, Bo Zhu, and Xuejia Lai

Abstract

In this paper, we first point out some flaws in the existing indifferentiability simulations of the pf-MD and the NMAC constructions, and provide new differentiable attacks on the hash functions based on these schemes. After that, the indifferentiability of the 20 collision-resistant PGV hash functions, padded under the pf-MD, the NMAC/HMAC and the chop-MD constructions, is reconsidered. Moreover, we disclose that, among the 16 PGV schemes proven indifferentiable under the pf-MD by Chang et al., 4 PGV schemes can be differentiated from a random oracle. Finally, new indifferentiability simulations are provided for the 20 collision-resistant PGV schemes. The simulations show that the 20 collision-resistant PGV hash functions, when implemented with the NMAC/HMAC and the chop-MD constructions, are indifferentiable from a random oracle. Our result implies that the same compression functions under different MD variants may have the same security bound with respect to collision resistance, yet differ considerably in the view of indifferentiability.

Metadata
Available format(s)
PDF PS
Category
Foundations
Publication info
Published elsewhere. Unknown where it was published
Keywords
Indifferentiability, PGV, hash functions
Contact author(s)
luoyiyuan @ sjtu edu cn
History
2009-06-09: received
Short URL
https://ia.cr/2009/265
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/265,
      author = {Yiyuan Luo and Zheng Gong and Ming Duan and Bo Zhu and Xuejia Lai},
      title = {Revisiting the Indifferentiability of PGV Hash Functions},
      howpublished = {Cryptology ePrint Archive, Paper 2009/265},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/265}},
      url = {https://eprint.iacr.org/2009/265}
}