2 Hits in 3.8 sec

The Ideal-Cipher Model, Revisited: An Uninstantiable Blockcipher-Based Hash Function [chapter]

John Black
2006 Lecture Notes in Computer Science  
in the ideal-cipher model but trivially insecure when instantiated by any blockcipher.  ...  In particular, we extend work by Canetti, Goldreich and Halevi [5] , and a recent simplification by Maurer, Renner, and Holenstein [14], to exhibit a blockcipher-based hash function that is provably-secure  ...  An Uninstantiable Blockcipher-Based Hash Function In [3] we find 20 blockcipher-based hash function constructions that are provably secure in the ideal-cipher model.  ... 
doi:10.1007/11799313_21 fatcat:3u4c56plhjc7tfmtyodldiy4sy

Design and Analysis of Multi-Block-Length Hash Functions

Onur Özen
We remark that, as in the random oracle model, there is an "uninstantiability" result by Black [28] who provides a blockcipher-based hash function that is secure in the ideal cipher model yet it turns  ...  The ideal cipher model has been used extensively in the literature [8, 26, 27, 76, 107, 191, 192] for arguing security of blockcipher-based hash and compression functions.  ...  Note that we do not discriminate between different representatives, The following lemma provides an alternative formulation to Lemma 6.4.1. Lemma 6.4.2. If g ∈ F r 2 e and δ ∈ F n 2 e then Proof.  ... 
doi:10.5075/epfl-thesis-5333 fatcat:3fonrx6imffapjvs3nnv5khjoa