A Note on the Strength of Weak Collision Resistance
Summary :
NMAC is a function for message authentication based on cryptographic hash functions such as SHA. It is shown to be a secure message authentication code if its compression function with fixed input length is a secure message authentication code and its iterated hash function with variable input length constructed with the compression function is weakly collision resistant. In this article, two results are shown on the strength of the weak collision resistance of the iterated hash function in NMAC. First, it is shown that the weak collision resistance of the iterated hash function in NMAC is not implied by the pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, the weak collision resistance of the iterated hash function in NMAC implies the collision resistance of its compression function if the compression function is pseudorandom.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E87-A No.5 pp.1092-1097
- Publication Date
- 2004/05/01
- Publicized
- Online ISSN
- DOI
- Type of Manuscript
- Special Section LETTER (Special Section on Discrete Mathematics and Its Applications)
- Category
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Shoichi HIROSE, "A Note on the Strength of Weak Collision Resistance" in IEICE TRANSACTIONS on Fundamentals,
vol. E87-A, no. 5, pp. 1092-1097, May 2004, doi: .
Abstract: NMAC is a function for message authentication based on cryptographic hash functions such as SHA. It is shown to be a secure message authentication code if its compression function with fixed input length is a secure message authentication code and its iterated hash function with variable input length constructed with the compression function is weakly collision resistant. In this article, two results are shown on the strength of the weak collision resistance of the iterated hash function in NMAC. First, it is shown that the weak collision resistance of the iterated hash function in NMAC is not implied by the pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, the weak collision resistance of the iterated hash function in NMAC implies the collision resistance of its compression function if the compression function is pseudorandom.
URL: https://globals.ieice.org/en_transactions/fundamentals/10.1587/e87-a_5_1092/_p
Copy
@ARTICLE{e87-a_5_1092,
author={Shoichi HIROSE, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={A Note on the Strength of Weak Collision Resistance},
year={2004},
volume={E87-A},
number={5},
pages={1092-1097},
abstract={NMAC is a function for message authentication based on cryptographic hash functions such as SHA. It is shown to be a secure message authentication code if its compression function with fixed input length is a secure message authentication code and its iterated hash function with variable input length constructed with the compression function is weakly collision resistant. In this article, two results are shown on the strength of the weak collision resistance of the iterated hash function in NMAC. First, it is shown that the weak collision resistance of the iterated hash function in NMAC is not implied by the pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, the weak collision resistance of the iterated hash function in NMAC implies the collision resistance of its compression function if the compression function is pseudorandom.},
keywords={},
doi={},
ISSN={},
month={May},}
Copy
TY - JOUR
TI - A Note on the Strength of Weak Collision Resistance
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1092
EP - 1097
AU - Shoichi HIROSE
PY - 2004
DO -
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E87-A
IS - 5
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - May 2004
AB - NMAC is a function for message authentication based on cryptographic hash functions such as SHA. It is shown to be a secure message authentication code if its compression function with fixed input length is a secure message authentication code and its iterated hash function with variable input length constructed with the compression function is weakly collision resistant. In this article, two results are shown on the strength of the weak collision resistance of the iterated hash function in NMAC. First, it is shown that the weak collision resistance of the iterated hash function in NMAC is not implied by the pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, the weak collision resistance of the iterated hash function in NMAC implies the collision resistance of its compression function if the compression function is pseudorandom.
ER -
FlyerIEICE has prepared a flyer regarding multilingual services. Please use the one in your native language.
English
