Một cải tiến cận an toàn kháng va chạm cho lược đồ Hirose trong mô hình mã pháp lý tưởng
DOI:
https://doi.org/10.54654/isj.v9i01.40Keywords:
Hirose scheme, double-block-length compression function, ideal cipher, collision resistance, preimage resistance.Tóm tắt
Tóm tắt— Trong số các hàm nén dựa trên mã khối, có 3 hàm nén độ dài khối kép nổi tiếng đạt được độ an toàn kháng va chạm và kháng tiền ảnh tối ưu (lần lượt lên đến 2n và 22n truy vấn) đó là Abreast-DM, Tandem-DM và lược đồ Hirose. Gần đây đã có một số lược đồ mới được đề xuất, tuy nhiên các chứng minh độ an toàn đều dựa trên các kết quả đã có đối với 3 lược đồ trên. Trong đó, lược đồ Hirose đạt được cận an toàn kháng va chạm và kháng tiền ảnh tốt hơn 2 lược đồ còn lại. Ngoài ra nó còn hiệu quả hơn khi chỉ sử dụng một lược đồ khoá duy nhất cho 2 mã khối cơ sở. Trong bài báo này, chúng tôi đưa ra một cận an toàn kháng va chạm chặt hơn cho lược đồ Hirose. Kết quả khi áp dụng với mã khối có độ dài khối 128 bit và độ dài khoá 256 bit, ví dụ như AES-256, đó là không có một kẻ tấn công bất kỳ nào thực hiện ít hơn 2126.73 truy vấn có thể tìm được một va chạm cho hàm nén Hirose với xác suất lớn hơn 1/2.
Abstract— Among the compression functions based on block ciphers, there are three well-known double-block-length compression functions that achieve collision and preimage resistance security (up to 2n and 22n, respectively) that are Abreast-DM, Tandem-DM and Hirose scheme. Recently, several new schemes have been proposed, but the security proofs are based on the results available for the three schemes above. In particular, the Hirose Scheme that achieves impact resistance and preimage resistance is better than the other two schemes. In addition, it is more efficient to use only a single key scheme for 2 base block ciphers. In this paper, we give a more secure collision resistance for the Hirose scheme. The result when applied to block ciphers with a 128-bit block length and a 256-bit key length, such as AES-256, is that no attacker make less than 2126.73queries can find a collisionfor Hirose compression function with a probability greater than 1/2.
Downloads
References
[1]. Meyer, C.H. and Schilling, M. Secure program load with manipulation detection code. in Proc. Securicom. 1988.
[2]. Lee, J. and Stam, M. MJH: A faster alternative to MDC-2. in Cryptographers’ Track at the RSA Conference. 2011. Springer.
[3]. Lee, J. and Stam, M., MJH: a faster alternative to MDC-2. Designs, Codes and Cryptography, 2015. 76(2): p. 179-205
[4]. Hohl, W., et al. Security of iterated hash functions based on block ciphers. in Annual International Cryptology Conference. 1993. Springer.
[5]. Prencel, B., et al. Collision-free hashfunctions based on blockcipher algorithms. in Security Technology, 1989. Proceedings. 1989 International Carnahan Conference on. 1989. IEEE.
[6]. Brown, L., Pieprzyk, J., and Seberry, J. LOKI—a cryptographic primitive for authentication and secrecy applications. in International Conference on Cryptology. 1990. Springer.
[7]. Mennink, B. Optimal collision security in double block length hashing with single length key. in International Conference on the Theory and Application of Cryptology and Information Security. 2012. Springer.
[8]. Jetchev, D., Özen, O., and Stam, M. Collisions are not incidental: A compression function exploiting discrete geometry. in Theory of Cryptography Conference. 2012. Springer.
[9]. Lai, X. and Massey, J.L. Hash functions based on block ciphers. in Workshop on the Theory and Application of of Cryptographic Techniques. 1992. Springer.
[10]. Hirose, S. Some plausible constructions of double-block-length hash functions. in International Workshop on Fast Software Encryption. 2006. Springer.
[11]. Stam, M. Blockcipher-based hashing revisited. in Fast Software Encryption. 2009. Springer.
[12]. Hirose, S. Provably secure double-block-length hash functions in a black-box model. in International Conference on Information Security and Cryptology. 2004. Springer.
[13]. Özen, O. and Stam, M. Another glance at double-length hashing. in IMA International Conference on Cryptography and Coding. 2009. Springer.
[14]. Fleischmann, E., Gorski, M., and Lucks, S. Security of cyclic double block length hash functions. in IMA International Conference on Cryptography and Coding. 2009. Springer.
[15]. Lee, J. and Kwon, D., The security of Abreast-DM in the ideal cipher model. IEICE transactions on fundamentals of electronics, communications and computer sciences, 2011. 94(1): p. 104-109
[16]. Armknecht, F., et al. The preimage security of double-block-length compression functions. in International Conference on the Theory and Application of Cryptology and Information Security. 2011. Springer.
[17]. Lee, J., Stam, M., and Steinberger, J.J.J.o.C., The security of Tandem-DM in the ideal cipher model. 2017. 30(2): p. 495-518
[18]. Fleischmann, E., et al., Weimar-DM: The Most Secure Double Length Compression Function.
Downloads
Published
How to Cite
Issue
Section
License
Proposed Policy for Journals That Offer Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
Proposed Policy for Journals That Offer Delayed Open Access
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication, with the work [SPECIFY PERIOD OF TIME] after publication simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).