Paper 2010/193

Speeding Up The Widepipe: Secure and Fast Hashing

Mridul Nandi and Souradyuti Paul

Abstract

In this paper we propose a new sequential mode of operation -- the \emph{Fast wide pipe} or FWP for short -- to hash messages of arbitrary length. The mode is shown to be (1) \emph{preimage-resistance preserving}, (2) \emph{collision-resistance-preserving} and, most importantly, (3) \emph{indifferentiable} from a random oracle up to $\mathcal{O}(2^{n/2})$ compression function invocations. In addition, our rigorous investigation suggests that any variants of Joux's multi-collision, Kelsey-Schneier 2nd preimage and Herding attack are also ineffective on this mode. This fact leads us to conjecture that the indifferentiability security bound of FWP can be extended beyond the birthday barrier. From the point of view of efficiency, this new mode, for example, is \textit{always} faster than the Wide-pipe mode when both modes use an identical compression function. In particular, it is nearly twice as fast as the Wide-pipe for a reasonable selection of the input and output size of the compression function. We also compare the FWP with several other modes of operation.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. A shorter version was published in Indocrypt 2010.
Contact author(s)
souradyuti paul @ nist gov
History
2010-12-24: last of 2 revisions
2010-04-09: received
See all versions
Short URL
https://ia.cr/2010/193
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/193,
      author = {Mridul Nandi and Souradyuti Paul},
      title = {Speeding Up The Widepipe: Secure and Fast Hashing},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/193},
      year = {2010},
      url = {https://eprint.iacr.org/2010/193}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.