| Presentation | 2002/11/7 Weak Collision-Resistance for Variable Input Length Can Imply Collision-Resistance for Fixed Input Length Shoichi HIROSE, |
|---|---|
| PDF Download Page | PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | HMAC and NMAC are well-known message authentication functions based on cryptographic hash functions such as SHA. HMAG is a modified practical version of NMAC and has not been given any provable security. On the other hand, NMAG is shown to be a message authentication code if its compression function with fixed input length is a message authentication code and its iterated hash function with variable input length constructed with the compression function is weak collision-resistant. In this article, two results are shown on the strength of weak collision-resistance of the iterated hash function in NMAC. First, it is shown that weak collision-resistance of the iterated hash function in NMAC is not implied by pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, weak collision-resistance of the iterated hash function in NMAC implies collision-resistance of its compression function if the compression function is pseudorandom. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Hash function / collision-resistance / weak collision-resistance / pseudorandomness / message authentication code |
| Paper # | ISEC2002-76 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2002/11/7(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Weak Collision-Resistance for Variable Input Length Can Imply Collision-Resistance for Fixed Input Length |
| Sub Title (in English) | |
| Keyword(1) | Hash function |
| Keyword(2) | collision-resistance |
| Keyword(3) | weak collision-resistance |
| Keyword(4) | pseudorandomness |
| Keyword(5) | message authentication code |
| 1st Author's Name | Shoichi HIROSE |
| 1st Author's Affiliation | Graduate School of Informatics, Kyoto University() |
| Date | 2002/11/7 |
| Paper # | ISEC2002-76 |
| Volume (vol) | vol.102 |
| Number (no) | 436 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |