Extended Multi-Property-Preserving and ECM-Construction

摘要

For an iterated hash, it is expected that, the hash transform inherits all the cryptographic properties of its compression function. This means that the cryptanalytic validation task can be confined to the compression function. Bellare and Ristenpart [3] introduced a notion Multi-Property preserving (MPP) to characterize the goal. In their paper, the MPP was collision resistance preserving (CR-pr), pseudo random function preserving (PRF-pr) and pseudo random oracle preserving (PRO-pr). The probability distribution of hash transform influences the randomness and adversary’s advantage on collision finding, we expect that the hash transform is almost uniformly distributed and this property is inherited from its compression function and call it Almost-Uniform Distribution preserving (AUD-pr). However, AUD-pr is not always true for MD-strengthening Merkle-Damg?rd [7,12] transform. It is proved that the distribution of Merkle-Damg?rd transform is not only influenced by output distribution of compression function, but also influenced by the iteration times. Then, we recommend a new construction and give proofs of satisfying MPP that is CR-pr, PRO-pr, PRF-pr and AUD-pr.