Hash Functions Based on Block Ciphers: A Synthetic Approach

Constructions for hash functions based on a block cipher are studied where the size of the hashcode is equal to the block length of the block cipher and where the key size is approximately equal to the block length. A general model is presented, and it is shown that this model covers 9 schemes that have appeared in the literature. Within this general model 64 possible schemes exist, and it is shown that 12 of these are secure; they can be reduced to 2 classes based on linear transformations of variables. The properties of these 12 schemes with respect to weaknesses of the underlying block cipher are studied. The same approach can be extended to study keyed hash functions (MAC's) based on block ciphers and hash functions based on modular arithmetic. Finally a new attack is presented on a scheme suggested by R. Merkle.

[1]  Gustavus J. Simmons,et al.  Contemporary Cryptology: The Science of Information Integrity , 1994 .

[2]  Eli Biham,et al.  Differential cryptanalysis of DES-like cryptosystems , 1990, Journal of Cryptology.

[3]  Xuejia Lai,et al.  Hash Function Based on Block Ciphers , 1992, EUROCRYPT.

[4]  Jennifer Seberry,et al.  LOKI - A Cryptographic Primitive for Authentication and Secrecy Applications , 1990, AUSCRYPT.

[5]  Selim G. Akl,et al.  On the Security of Compressed Encodings , 1983, CRYPTO.

[6]  Joos Vandewalle,et al.  On the Power of Memory in the Design of Collision Resistant Hash Functions , 1992, AUSCRYPT.

[7]  Robert S. Winternitz Producing a One-Way Hash Function from DES , 1983, CRYPTO.

[8]  Ralph C. Merkle,et al.  Secrecy, authentication, and public key systems , 1979 .

[9]  Ivan Damgård,et al.  Collision Free Hash Functions and Public Key Signature Schemes , 1987, EUROCRYPT.

[10]  Dorothy E. Denning,et al.  Programming Techniques and Data Structures Digital Signatures with Rsa and Other Public.key , 2022 .

[11]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[12]  Marc Girault,et al.  Hash-Functions Using Modulo-N Operations , 1987, EUROCRYPT.

[13]  Ivan Damgård,et al.  A Design Principle for Hash Functions , 1989, CRYPTO.

[14]  Donald W. Davies,et al.  Applying the RSA Digital Signature to Electronic Mail , 1983, Computer.

[15]  Robert S. Winternitz A Secure One-Way Hash Function Built from DES , 1984, 1984 IEEE Symposium on Security and Privacy.

[16]  Kazuo Ohta,et al.  Confirmation that Some Hash Functions Are Not Collision Free , 1991, EUROCRYPT.

[17]  Gideon Yuval,et al.  How to Swindle Rabin , 1979, Cryptologia.

[18]  Ralph C. Merkle,et al.  One Way Hash Functions and DES , 1989, CRYPTO.