We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three "classical" double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose's scheme. For Hirose's scheme, we show that an adversary must make at least 22n-5 block cipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least 22n-10 queries are necessary. These bounds improve upon the previous best bounds of Ω(2 n ) queries, and are optimal up to a constant factor since the compression functions in question have range of size 22n . © 2011 International Association for Cryptologic Research.
CITATION STYLE
Armknecht, F., Fleischmann, E., Krause, M., Lee, J., Stam, M., & Steinberger, J. (2011). The preimage security of double-block-length compression functions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7073 LNCS, pp. 233–251). https://doi.org/10.1007/978-3-642-25385-0_13
Mendeley helps you to discover research relevant for your work.