Security Analysis of a 2/3-Rate Double Length Compression Function in the Black-Box Model

  • Mridul Nandi
  • Wonil Lee
  • Kouichi Sakurai
  • Sangjin Lee
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3557)


In this paper, we propose a 2/3-rate double length compression function and study its security in the black-box model. We prove that a collision attack on the compression function requires $\Omega(2^{2n/3})$ queries, where $n$ is the single length output size. Thus, it has better security than a most secure single length compression function. This construction is more efficient than the construction given in [8]. Also, the three computations of the underlying compression functions can be done in parallel. The proof idea uses the concept of a computable message, which can be helpful for studying the security of other constructions such as [8], [14], [16], etc.


  1. Black, J., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 320–335. Springer, Heidelberg (2002)
  2. Damgård, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
  3. Dobbertin, H.: Cryptanalysis of MD4. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039. Springer, Heidelberg (1996)
  4. Dobbertin, H.: Cryptanalysis of MD5 Rump Session of Eurocrypt 1996 (May 1996),
  5. Dobbertin, H., Bosselaers, A., Preneel, B.: RIPEMD-160: A strengthened version of RIPEMD. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039. Springer, Heidelberg (1996)
  6. Finney, H.: More problems with hash functions. The cryptographic mailing list, (August 24, 2004)
  7. Hattori, M., Hirose, S., Yoshida, S.: Analysis of double block length hash functions. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898, pp. 290–302. Springer, Heidelberg (2003)
  8. Hirose, S.: Provably secure double-block-length hash functions in a black-box model. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 330–342. Springer, Heidelberg (2005)
  9. Joux, A.: Multicollision on Iterated Hash Function. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)
  10. Kelsey, J.: A long-message attack on SHAx, MDx, Tiger, N-Hash, Whirlpool and Snefru. Draft. (Unpublished Manuscript)
  11. Knudsen, L., Lai, X., Preneel, B.: Attacks on fast double block length hash functions. J. Cryptology 11(1) (winter) (1998)
  12. Knudsen, L., Preneel, B.: Construction of Secure and Fast Hash Functions Using Nonbinary Error-Correcting Codes. IEEE transactions on information theory 48(9) (September 2002)
  13. Lee, W., Nandi, M., Sarkar, P., Chang, D., Lee, S., Sakurai, K.: A Generalization of PGV-Hash Functions and Security Analysis in Black-Box Model. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, Springer, Heidelberg (2003)
  14. Lucks, S.: Design principles for Iterated Hash Functions, e-print server
  15. Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)
  16. Nandi, M.: A Class of Secure Double Length Hash Functions. e-print server
  17. NIST/NSA. FIPS 180-2 Secure Hash Standard (August 2002),
  18. Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: A synthetic approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368–378. Springer, Heidelberg (1994)
  19. Rivest, R.: The MD5 message digest algorithm,
  20. Satoh, T., Haga, M., Kurosawa, K.: Towards Secure and Fast Hash Functions. IEICE Trans. E82-A(1) (January 1999)
  21. Schneier, B.: Cryptanalysis of MD5 and SHA. Crypto-Gram Newsletter (September 2004),

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Mridul Nandi (1)
  • Wonil Lee (2)
  • Kouichi Sakurai (2)
  • Sangjin Lee (3)

  1. Applied Statistics Unit, Indian Statistical Institute, Kolkata, India
  2. Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan
  3. Center for Information Security Technologies (CIST), Korea University, Seoul, Korea
