Skip to main content

The Preimage Security of Double-Block-Length Compression Functions

Frederik Armknecht, Ewan Fleischmann, Matthias Krause, Jooyoung Lee, Martijn Stam, John P. Steinberger, The Preimage Security of Double-Block-Length Compression Functions. Advances in Cryptology - ASIACRYPT 2011. ISBN 978-3-642-25384-3, pp. 233–251. December 2011. No electronic version available. External information


We present new techniques for deriving preimage resistance bounds for block cipher based double-block-length, double-call hash functions. We give improved bounds on the preimage security of the three a??classicala?? double-block-length, double-call, block cipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirosea??s scheme. For Hirosea??s scheme, we show that an adversary must make at least 22na??a??a??5 block cipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least 22na??a??a??10 queries are necessary. These bounds improve upon the previous best bounds of I?(2n) queries, and are optimal up to a constant factor since the compression functions in question have range of size 22n.

Bibtex entry.

Contact details

Publication Admin