Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools

IACR

2011

2011

We consider the family of 2n-to-n-bit compression functions that are solely based on at most three permutation executions and on XOR-operators, and analyze its collision and preimage security. Despite their elegance and simplicity, these designs are not covered by the results of Rogaway and Steinberger (CRYPTO 2008). By deﬁning a carefully chosen equivalence relation on this family of compression functions, we obtain the following results. In the setting where the three permutations π1, π2, π3 are selected independently and uniformly at random, there exist at most four equivalence classes that achieve optimal 2n/2 collision resistance. Under a certain extremal graph theory based conjecture, these classes are proven optimally collision secure. Additionally, three of these classes allow for ﬁnding preimages in 2n/2 queries, and only one achieves optimal 22n/3 preimage resistance (with respect to the bounds of Rogaway and Steinberger, EUROCRYPT 2008). Consequently, a compression fu...

Related Content

Added |
23 Dec 2011 |

Updated |
23 Dec 2011 |

Type |
Journal |

Year |
2011 |

Where |
IACR |

Authors |
Bart Mennink, Bart Preneel |

Comments (0)