New Indifferentiability Security Proof of MDPH Hash Function

Chun Guo; Tetsu Iwata; Kazuhiko Minematsu

Paper 2021/1469

New Indifferentiability Security Proof of MDPH Hash Function

Chun Guo, Tetsu Iwata, and Kazuhiko Minematsu

Abstract

MDPH is a double-block-length hash function proposed by Naito at Latincrypt 2019.This is a combination of Hirose's compression function and the domain extender called Merkle-Damg\r{a}rd with permutation (MDP). When instantiated with an $n$ -bit block cipher, Naito proved that this achieves the (nearly) optimal indifferentiable security bound of $O (n - \log n)$ -bit security. In this paper, we first point out that the proof of the claim contains a gap, which is related to the definition of the simulator in simulating the decryption of the block cipher. We then show that the proof can be fixed. We introduce a new simulator that addresses the issue, showing that MDPH retains its (nearly) optimal indifferentiable security bound of $O (n - \log n)$ -bit security.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Preprint. MINOR revision.
Keywords: Hash function MDPH Indifferentiability
Contact author(s): chun guo @ sdu edu cn
tetsu iwata @ nagoya-u jp
k-minematsu @ nec com
History: 2021-11-06: received
Short URL: https://ia.cr/2021/1469
License: CC BY

BibTeX

@misc{cryptoeprint:2021/1469,
      author = {Chun Guo and Tetsu Iwata and Kazuhiko Minematsu},
      title = {New Indifferentiability Security Proof of {MDPH} Hash Function},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1469},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1469}
}