MJH: A faster alternative to MDC-2

Abstract

In this paper, we introduce a new class of double-block-length hash functions. In the ideal cipher model (for n-bit blocks), we prove that these hash functions, dubbed MJH, are provably collision resistant up to O(2 2n/3-log n) queries in the iteration. When based on n-bit key blockciphers, our construction provides better provable security than MDC-2, the only known construction of a rate-1/2 double-length hash function based on an n-bit key blockcipher with non-trivial provable security. Moreover, since key scheduling is performed only once per message block for MJH, our proposal significantly outperforms MDC-2 in efficiency. When based on a 2n-bit key blockcipher, we can use the extra n bits of key to increase the amount of payload accordingly. Thus we get a rate-1 hash function that is much faster than existing proposals, such as Tandem-DM, at the expense of (for the moment) reduced provable security. © 2011 Springer-Verlag Berlin Heidelberg.