You are looking at a specific version 20211106:155121 of this paper. See the latest version.

Paper 2021/1469

New Indifferentiability Security Proof of MDPH Hash Function

Chun Guo and Tetsu Iwata and Kazuhiko Minematsu

Abstract

MDPH is a double-block-length hash function proposed by Naito at Latincrypt 2019.This is a combination of Hirose's compression function and the domain extender called Merkle-Damg\r{a}rd with permutation (MDP). When instantiated with an $n$-bit block cipher, Naito proved that this achieves the (nearly) optimal indifferentiable security bound of $O(n-\log n)$-bit security. In this paper, we first point out that the proof of the claim contains a gap, which is related to the definition of the simulator in simulating the decryption of the block cipher. We then show that the proof can be fixed. We introduce a new simulator that addresses the issue, showing that MDPH retains its (nearly) optimal indifferentiable security bound of $O(n-\log n)$-bit security.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Hash functionMDPHIndifferentiability
Contact author(s)
chun guo @ sdu edu cn
tetsu iwata @ nagoya-u jp
k-minematsu @ nec com
History
2021-11-06: received
Short URL
https://ia.cr/2021/1469
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.