Provable Second Preimage Resistance Revisited

Abstract : Most cryptographic hash functions are iterated constructions, in which a mode of operation specifies how a compression function or a fixed permutation is applied. The Merkle-Damgard mode of operation is the simplest and more widely deployed mode of operation, yet it suffers from generic second preimage attacks, even when the compression function is ideal. In this paper we focus on provable security against second preimage attacks. Based on the study of several existing constructions, we describe simple properties of modes of operation and show that they are sufficient to allow some form of provable security, first in the random oracle model and then in the standard model. Our security proofs are extremely simple. We show for instance that the claims of the designers of Haifa regarding second preimage resistance are valid. Lastly, we give arguments that proofs of second preimage resistance by a black-box reduction incur an unavoidable security loss.
Document type :
Conference papers
Complete list of metadatas

https://hal.uvsq.fr/hal-02176876
Contributor : Équipe Hal Uvsq <>
Submitted on : Monday, July 8, 2019 - 2:34:50 PM
Last modification on : Tuesday, July 9, 2019 - 1:27:43 AM

Links full text

Identifiers

Collections

Citation

Charles Bouillaguet, Bastien Vayssière. Provable Second Preimage Resistance Revisited. 20th International Conference on Selected Areas in Cryptography, Aug 2013, Simon Fraser Univ, Burnaby, CANADA, Canada. ⟨10.1007/978-3-662-43414-7_26⟩. ⟨hal-02176876⟩

Share

Metrics

Record views

10