Provable Second Preimage Resistance Revisited

Abstract: Most cryptographic hash functions are iterated constructions, in which a mode of operation specifies how a compression function or a fixed permutation is applied. The Merkle-Damgård mode of operation is the simplest and most widely deployed mode of operation, yet it suffers from generic second preimage attacks, even when the compression function is ideal. In this paper we focus on provable security against second preimage attacks. Based on the study of several existing constructions, we describe simple properties of modes of operation and show that they are sufficient to allow some form of provable security, first in the random oracle model and then in the standard model. Our security proofs are extremely simple. We show, for instance, that the claims of the designers of Haifa regarding second preimage resistance are valid. Lastly, we give arguments that proofs of second preimage resistance by a black-box reduction incur an unavoidable security loss.
Document type: Conference papers
Contributor: Équipe HAL UVSQ
Submitted on: Monday, July 8, 2019 - 2:34:50 PM
Last modification on: Saturday, June 25, 2022 - 9:12:45 PM
Charles Bouillaguet, Bastien Vayssière. Provable Second Preimage Resistance Revisited. 20th International Conference on Selected Areas in Cryptography, Aug 2013, Simon Fraser University, Burnaby, Canada. ⟨10.1007/978-3-662-43414-7_26⟩. ⟨hal-02176876⟩