[Resource Topic] 2006/135: The Design Principle of Hash Function with Merkle-Damgård Construction

Welcome to the resource topic for 2006/135

The Design Principle of Hash Function with Merkle-Damgård Construction

Authors: Duo Lei, Da Lin, Li Chao, Keqin Feng, Longjiang Qu


The paper discusses the security of
hash function with Merkle-Damgård construction and provides
the complexity bound of finding a collision
and primage of hash function based on the condition probability of
compression function y=F(x,k). we make a conclusion that in
Merkle-Dammaård construction, the requirement of free start
collision resistant and free start collision resistant on
compression function is not necessary and it is enough if the
compression function with properties of fix start collision
resistant and fix start preimage resistant. However, the condition
probability P_{Y|X=x}(y) and P_{Y|K=k}(y) of compression
function y=F(x,k) have much influence on the security of the hash
function. The best design of compression function should have
properties of that P_{Y|X=x}(y) and P_{Y|K=k}(y) are both
uniformly distributed for all x and k. At the end of the paper,
we discussed the block cipher based hash function, point out among
the the 20 schemes, selected by PGV\cite{Re:Preneel} and
BPS\cite{Re:JBlack}, the best scheme is block cipher itself, if the
block cipher with perfect security and perfect key distribution.

ePrint: https://eprint.iacr.org/2006/135

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .