Paper 2024/706

Linicrypt in the Ideal Cipher Model

Zahra Javar, University of Victoria
Bruce M. Kapron, University of Victoria
Abstract

We extend the Linicrypt framework for characterizing hash function security as proposed by McQuoid, Swope, and Rosulek (TCC 2018) to support constructions in the ideal cipher model. In this setting, we give a characterization of collision- and second-preimage-resistance in terms of a linear-algebraic condition on Linicrypt programs, and present an efficient algorithm for determining whether a program satisfies the condition. As an application, we consider the case of the block cipher-based hash functions proposed by Preneel, Govaerts, and Vandewalle (Crypto 1993), and show that the semantic analysis of PGV given by Black et al. (J. Crypto. 2010) can be captured as a special case of our characterization. In addition, we model hash functions constructed through the Merkle-Damgård transformation within the Linicrypt framework. Finally, we apply this model to an analysis of how various attacks on the underlying compression functions can compromise the collision resistance of the resulting hash function.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Major revision. ProvSec 2023
DOI
10.1007/978-3-031-45513-1_6
Keywords
Collision-resistant hash function, Compression function, Ideal cipher model, Linicrypt
Contact author(s)
zahrajavar @ uvic ca
bmkapron @ uvic ca
History
2024-05-10: approved
2024-05-07: received
Short URL
https://ia.cr/2024/706
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/706,
      author = {Zahra Javar and Bruce M. Kapron},
      title = {Linicrypt in the Ideal Cipher Model},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/706},
      year = {2024},
      doi = {10.1007/978-3-031-45513-1_6},
      url = {https://eprint.iacr.org/2024/706}
}