Skip to main content
Conference ProceedingsOPEN ACCESS

The preimage security of double-block-length compression functions

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2011) 7073 LNCS 233-251
DOI: 10.1007/978-3-642-25385-0_13
37Citations
Citations of this article
36Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three "classical" double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose's scheme. For Hirose's scheme, we show that an adversary must make at least 22n-5 block cipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least 22n-10 queries are necessary. These bounds improve upon the previous best bounds of Ω(2 n ) queries, and are optimal up to a constant factor since the compression functions in question have range of size 22n . © 2011 International Association for Cryptologic Research.

Author supplied keywords

Cite

CITATION STYLE

APA

Armknecht, F., Fleischmann, E., Krause, M., Lee, J., Stam, M., & Steinberger, J. (2011). The preimage security of double-block-length compression functions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7073 LNCS, pp. 233–251). https://doi.org/10.1007/978-3-642-25385-0_13

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free