Abstract | ||
---|---|---|
We provide the first proof of security for MDC-2, the most well-known construction for turning an n-bit blockcipher into a 2n-bit cryptographic hash function. Our result, which is in the ideal-cipher model, shows that MDC-2, when built from a blockcipher having blocklength and keylength n, has security much better than that delivered by any hash function that has an n-bit output. When the blocklength and keylength are n= 128 bits, as with MDC-2 based on AES-128, an adversary that asks fewer than 274.9queries usually cannot find a collision. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1007/978-3-540-72540-4_3 | IACR Cryptology ePrint Archive |
Keywords | DocType | Volume |
ideal-cipher model,hash function,collision intractability,n-bit output,cryptographic hash function,cryptographic hash functions,mdc-2.,collision-resistant hashing,keylength n,n-bit blockcipher,well-known construction | Conference | 2006 |
ISSN | Citations | PageRank |
0302-9743 | 49 | 2.71 |
References | Authors | |
22 | 1 |
Name | Order | Citations | PageRank |
---|---|---|---|
John P. Steinberger | 1 | 329 | 18.30 |