Abstract
Existing double-block-length (DBL) hash functions, in order to achieve optimal indifferentiable security (security up to \(O(2^n)\) query complexity), require a block cipher with \(n\)-bit blocks and \(k\)-bit keys such that \(2n\le k\), and a post-processing function with two block cipher calls. In this paper, we consider the indifferentiability of \(\mathsf {MDPH}\), a combination of the MDP domain extender and Hirose’s compression function. \(\mathsf {MDPH}\) does not require the post-processing function (thus has better efficiency), and supports block ciphers with \(n< k\). We show that \(\mathsf {MDPH}\) achieves (nearly) optimal indifferentiable security. To the best of our knowledge, this is the first result for DBL hashing with optimal indifferentiable security, with support for block ciphers with \(n< k\), and without the post-processing function.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call