hashing.pdf (153.97 kB)

On hashing with tweakable ciphers

Download (153.97 kB)
conference contribution
posted on 16.12.2009, 15:05 by Raphael C.-W. Phan, Jean-Philippe Aumasson
Cryptographic hash functions are often built on block ciphers in order to reduce the security analysis of the hash to that of the cipher, and to minimize the hardware size. Well known hash constructs are used in international standards like MD5 and SHA-1. Recently, researchers proposed new modes of operations for hash functions to protect against generic attacks, and it remains open how to base such functions on block ciphers. An attracting and intuitive choice is to combine previous constructions with tweakable block ciphers. We investigate such constructions, and show the surprising result that combining a provably secure mode of operation with a provably secure tweakable cipher does not guarantee the security of the constructed hash function. In fact, simple attacks can be possible when the interaction between secure components leaves some additional "freedom" to an adversary. Our techniques are derived from the principle of slide attacks, which were introduced for attacking block ciphers.

History

School

  • Mechanical, Electrical and Manufacturing Engineering

Citation

PHAN, R.C.-W. and AUMASSON, J.-P., 2009. On hashing with tweakable ciphers. IN: IEEE International Conference on Communications, (ICC '09), Dresden, 14-18 June, pp. 1 - 5.

Publisher

© IEEE

Version

VoR (Version of Record)

Publication date

2009

Notes

This is a conference paper [© IEEE]. It is also available at: http://ieeexplore.ieee.org/ Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

ISBN

9781424434350

ISSN

1938-1883

Language

en

Exports

Logo branding

Keywords

Exports