Open AccessSound Hashing Modes of Arbitrary Functions, Permutations, and Block Ciphers
Author(s) -
Joan Daemen,
Bart Mennink,
Gilles Van Assche
Publication year - 2018
Publication title -
iacr transaction on symmetric cryptology
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.715
H-Index - 10
ISSN - 2519-173X
DOI - 10.46586/tosc.v2018.i4.197-228
Subject(s) - hash function , block cipher , block cipher mode of operation , chaining , mathematical proof , computer science , cryptography , cryptographic hash function , discrete mathematics , simple (philosophy) , block (permutation group theory) , mathematics , arithmetic , theoretical computer science , algorithm , combinatorics , psychology , philosophy , geometry , computer security , epistemology , psychotherapist
Cryptographic hashing modes come in many flavors, including Merkle-Damgård with various types of strengthening, Merkle trees, and sponge functions. As underlying primitives, these functions use arbitrary functions, permutations, or block ciphers. In this work we provide three simple proofs, one per primitive type, that cover all modes where the input to the primitive consists of message bits, chaining value bits, and bits that only depend on the mode and message length. Our approach generalizes and simplifies over earlier attempts of Dodis et al. (FSE 2009) and Bertoni et al. (Int. J. Inf. Sec. 2014). We prove tight indifferentiability bounds for modes using each of these three primitive types provided that the mode satisfies some easy to verify conditions.