Abstract
Most cryptographic hash functions are iterated constructions, in which a mode of operation specifies how a compression function or a fixed permutation is applied. The Merkle-Damgård mode of operation is the simplest and more widely deployed mode of operation, yet it suffers from generic second preimage attacks, even when the compression function is ideal. In this paper we focus on provable security against second preimage attacks. Based on the study of several existing constructions, we describe simple properties of modes of operation and show that they are sufficient to allow some form of provable security, first in the random oracle model and then in the standard model. Our security proofs are extremely simple. We show for instance that the claims of the designers of Haifa regarding second preimage resistance are valid. Lastly, we give arguments that proofs of second preimage resistance by a black-box reduction incur an unavoidable security loss. © 2014 Springer-Verlag.
Author supplied keywords
Cite
CITATION STYLE
Bouillaguet, C., & Vayssière, B. (2014). Provable second preimage resistance revisited. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8282 LNCS, pp. 513–532). Springer Verlag. https://doi.org/10.1007/978-3-662-43414-7_26
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
