Paper 2021/1469

New Indifferentiability Security Proof of MDPH Hash Function

Chun Guo, Tetsu Iwata, and Kazuhiko Minematsu

Abstract

MDPH is a double-block-length hash function proposed by Naito at Latincrypt 2019. This is a combination of Hirose's compression function and the domain extender called Merkle-Damgård with permutation (MDP). When instantiated with an $n$-bit block cipher, Naito proved that this achieves the (nearly) optimal indifferentiable security bound of $O(n-\log n)$-bit security. In this paper, we first point out that the proof of the claim contains a gap, which is related to the definition of the simulator in simulating the decryption of the block cipher. We then show that the proof can be fixed. We introduce a new simulator that addresses the issue, showing that MDPH retains its (nearly) optimal indifferentiable security bound of $O(n-\log n)$-bit security.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Hash function, MDPH, Indifferentiability
Contact author(s)
chun guo @ sdu edu cn
tetsu iwata @ nagoya-u jp
k-minematsu @ nec com
History
2021-11-06: received
Short URL
https://ia.cr/2021/1469
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1469,
      author = {Chun Guo and Tetsu Iwata and Kazuhiko Minematsu},
      title = {New Indifferentiability Security Proof of {MDPH} Hash Function},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1469},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1469}
}