Book
On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions.
| Title: | On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions. |
|---|---|
| Authors: | Cramer, Ronald, Black, John, Cochran, Martin, Shrimpton, Thomas |
| Source: | Advances in Cryptology - EUROCRYPT 2005; 2005, p526-541, 16p |
| Abstract: | Fix a small, non-empty set of blockcipher keys . We say a blockcipher-based hash function is highly-efficient if it makes exactly one blockcipher call for each message block hashed, and all blockcipher calls use a key from . Although a few highly-efficient constructions have been proposed, no one has been able to prove their security. In this paper we prove, in the ideal-cipher model, that it is impossible to construct a highly-efficient iterated blockcipher-based hash function that is provably secure. Our result implies, in particular, that the Tweakable Chain Hash (TCH) construction suggested by Liskov, Rivest, and Wagner [7] is not correct under an instantiation suggested for this construction, nor can TCH be correctly instantiated by any other efficient means. Keywords: Collision-resistant hash functions, tweakable blockciphers, provable security. [ABSTRACT FROM AUTHOR] |
| Copyright of Advances in Cryptology - EUROCRYPT 2005 is the property of Springer eBooks and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| DOI: | 10.1007/11426639_31 |
| Database: | Supplemental Index |
Availability