论文信息 - Cryptanalysis of Double-Block-Length Hash Mode MJH

Cryptanalysis of Double-Block-Length Hash Mode MJH

A double-block-length (DBL) hash mode of block ciphers, MJH has been proved to be collision-resistant in the ideal cipher model upto 22n/3−log n queries. In this paper we provide first cryptanalytic results for MJH. We show that a collision attack on MJH has the time complexity below the birthday bound. When block ciphers with 128-bit blocks are used, it has time complexity around 2, which is to be compared to the birthday attack having complexity 2. We also give a preimage attack on MJH. It has the time complexity of 2 with n-bit block ciphers, which is to be compared to the brute force attack having complexity 2.

Daesung Kwon | Deukjo Hong

[1] Andrew W. Appel,et al. Formal aspects of mobile code security , 1999 .

[2] Shoichi Hirose,et al. Some Plausible Constructions of Double-Block-Length Hash Functions , 2006, FSE.

[3] Xuejia Lai,et al. Hash Function Based on Block Ciphers , 1992, EUROCRYPT.

[4] Florian Mendel,et al. Cryptanalysis of MDC-2 , 2009, EUROCRYPT.

[5] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[6] Joos Vandewalle,et al. Hash Functions Based on Block Ciphers: A Synthetic Approach , 1993, CRYPTO.

[7] Bruce Schneier,et al. Second Preimages on n-bit Hash Functions for Much Less than 2n Work , 2005, IACR Cryptol. ePrint Arch..