A Note on the Strength of Weak Collision Resistance

Shoichi HIROSE  

Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E87-A   No.5   pp.1092-1097
Publication Date: 2004/05/01
Online ISSN: 
DOI: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section LETTER (Special Section on Discrete Mathematics and Its Applications)
Category: 
Keyword: 
hash function,  weak collision resistance,  message authentication code,  NMAC,  

Full Text: PDF>>
Buy this Article




Summary: 
NMAC is a function for message authentication based on cryptographic hash functions such as SHA. It is shown to be a secure message authentication code if its compression function with fixed input length is a secure message authentication code and its iterated hash function with variable input length constructed with the compression function is weakly collision resistant. In this article, two results are shown on the strength of the weak collision resistance of the iterated hash function in NMAC. First, it is shown that the weak collision resistance of the iterated hash function in NMAC is not implied by the pseudorandomness of its compression function even if the MD-strengthening is assumed. Second, the weak collision resistance of the iterated hash function in NMAC implies the collision resistance of its compression function if the compression function is pseudorandom.