**Active Domain Expansion for Normal Narrow-pipe Hash Functions**

*Xigen Yao*

**Abstract: **Recently several reports of Cryptology ePrint Archive showed the discovering that for
a normal iterative hash function the entropy and codomain would reduce greatly,then some conclusions were given: Narrow-pipe hash functions couldn't resist this reducing (But wide-pipe hash functions could.),and generic collision
attacks on narrow-pipe hash functions would be faster than birthday paradox.The discovering and conclusions rely on the cases of active domain reducing which causes the empty set of a approximative probability $e^{-1}$ in a iteration.However,we can thwart the conclusions by the way of Active Domain Expansion to keep or recover the entropy , by some amending for any
a normal narrow-pipe hash function to realize it.And some hash mode such as LAB Mode can more simply do it.In this paper,we'd introduce Active Domain Expansion which includes Surjection Round and the sum block $\Sigma M_{i}$.The most important is to define a sum block $\Sigma M_{i}$ to replace the input of a normal message block $M_{i}$ in compression
function.$\Sigma M_{i}$ is a sum of the foregoing i ``Encoded Blocks''.since the surjection round has the same purport and the form is a part of Active Domain Expansion,Surjections Round will be non-critical section in this paper.Besides,we can redefine the last block of additional bits.By these,a normal narrow-pipe hash function can resist the reducing completely.

**Category / Keywords: **narrow-pipe hash, Active Domain Expansion,Encoded Block ,entropy, recover

**Date: **received 21 Dec 2010, last revised 29 Nov 2012

**Contact author: **dihuo377 at 163 com

**Available format(s): **PDF | BibTeX Citation

**Version: **20121129:222016 (All versions of this report)

**Short URL: **ia.cr/2010/652

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]