IET Information Security (Jul 2022)

New indifferentiability security proof of MDPH hash function

  • Chun Guo,
  • Tetsu Iwata,
  • Kazuhiko Minematsu

DOI
https://doi.org/10.1049/ise2.12058
Journal volume & issue
Vol. 16, no. 4
pp. 262 – 281

Abstract

Read online

Abstract MDPH is a double‐block‐length hash function proposed by Naito at Latincrypt 2019. This is a combination of Hirose's compression function and the domain extender called Merkle–Damgård with permutation. When instantiated with an n‐bit block cipher, Naito proved that this achieves the (nearly) optimal indifferentiable security bound of O (n − log n)‐bit security. In this paper, the authors first point out that the proof of the claim contains a gap, which is related to the definition of the simulator in simulating the decryption of the block cipher. The authors then show that the proof can be fixed. The authors introduce a new simulator that addresses the issue, showing that MDPH retains its (nearly) optimal indifferentiable security bound of O (n − log n)‐bit security.

Keywords