Improving MDC4 to Be More Secure
Deukjo HONG, DongChan KIM, Daesung KWON
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Vol.E102-A
No.1
pp.278-289
Publication Date: 2019/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E102.A.278
Type of Manuscript: PAPER
Category: Cryptography and Information Security
Keyword: MDC4^{+}, collision resistance, preimage resistance,
Summary:
MDC4 is the enhanced version of MDC2, which is a well-known hash mode of block ciphers. However, it does not guarantee the security required of a cryptographic hash function. In the ideal cipher model, the MDC4 compression function has a collision security bound close to 2^{5n/8} and a preimage security bound close to 2^{5n/4}, where the underlying block cipher has a block size of n bits. We have studied how to improve MDC4 with a simple modification to strengthen its security. This is meaningful work because users often want to improve their familiar systems at low cost. In this paper, we achieve this by proposing MDC4^{+}, which is a light variation of MDC4. We prove that MDC4^{+} is much more secure than MDC4 by showing that it has a collision security bound close to the optimal 2^{n} and a preimage security bound close to 2^{4n/3}. We also discuss its efficiency by comparing it with existing hash modes.

