Explain Block Ciphers as Hash Functions?

It can use block ciphers as hash functions using H0=0 and zero-pad of final block and compute: Hi = EMi [Hi-1]. Use final block as the hash value similar to CBC but without a key

  1. resulting hash is too small (64-bit)
    • both due to direct birthday attack
    • and to “meet-in-the-middle” attack
  2. other variants also susceptible to attack

Hash Functions & MAC Security:
Like block ciphers have:

  1. brute-force attacks exploiting
    • strong collision resistance hash have cost 2m/2
      • have proposal for h/w MD5 cracker
      • 128-bit hash looks vulnerable, 160-bits better
    • MACs with known message-MAC pairs
      • can either attack keyspace (cf key search) or MAC
      • at least 128-bit MAC is needed for security
    • cryptanalytic attacks exploit structure
      • like block ciphers want brute-force attacks to be the best alternative
    • have a number of analytic attacks on iterated hash functions
      • CVi = f[CVi-1, Mi]; H(M)=CVN
      • typically focus on collisions in function f
      • like block ciphers is often composed of rounds
      • attacks exploit properties of round functions

Leave a Reply

Your email address will not be published. Required fields are marked *