Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks
The sponge construction is a popular method for hashing. Quickly after its introduction, the sponge was proven to be tightly indifferentiable from a random oracle up to ≈ 2c/2 queries, where c is the capacity. However, this bound is not tight when the number of message blocks absorbed is restricted...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ruhr-Universität Bochum
2023-03-01
|
| Series: | IACR Transactions on Symmetric Cryptology |
| Subjects: | |
| Online Access: | https://tosc.iacr.org/index.php/ToSC/article/view/10313 |
| _version_ | 1811154520195989504 |
|---|---|
| author | Charlotte Lefevre |
| author_facet | Charlotte Lefevre |
| author_sort | Charlotte Lefevre |
| collection | DOAJ |
| description |
The sponge construction is a popular method for hashing. Quickly after its introduction, the sponge was proven to be tightly indifferentiable from a random oracle up to ≈ 2c/2 queries, where c is the capacity. However, this bound is not tight when the number of message blocks absorbed is restricted to ℓ < ⌈ c / 2(b−c) ⌉ + 1 (but still an arbitrary number of blocks can be squeezed). In this work, we show that this restriction leads to indifferentiability from a random oracle up to ≈ min { 2b/2, max { 2c/2, 2b−ℓ×(b−c) }} queries, where b > c is the permutation size. Depending on the parameters chosen, this result allows to have enhanced security or to absorb at a larger rate for applications that require a fixed-length input hash function.
|
| first_indexed | 2024-04-10T04:18:09Z |
| format | Article |
| id | doaj.art-534af4d946d54c598501549b95b6df46 |
| institution | Directory Open Access Journal |
| issn | 2519-173X |
| language | English |
| last_indexed | 2024-04-10T04:18:09Z |
| publishDate | 2023-03-01 |
| publisher | Ruhr-Universität Bochum |
| record_format | Article |
| series | IACR Transactions on Symmetric Cryptology |
| spelling | doaj.art-534af4d946d54c598501549b95b6df462023-03-11T15:37:39ZengRuhr-Universität BochumIACR Transactions on Symmetric Cryptology2519-173X2023-03-012023110.46586/tosc.v2023.i1.224-243Indifferentiability of the Sponge Construction with a Restricted Number of Message BlocksCharlotte Lefevre0Digital Security Group, Radboud University, Nijmegen, The Netherlands The sponge construction is a popular method for hashing. Quickly after its introduction, the sponge was proven to be tightly indifferentiable from a random oracle up to ≈ 2c/2 queries, where c is the capacity. However, this bound is not tight when the number of message blocks absorbed is restricted to ℓ < ⌈ c / 2(b−c) ⌉ + 1 (but still an arbitrary number of blocks can be squeezed). In this work, we show that this restriction leads to indifferentiability from a random oracle up to ≈ min { 2b/2, max { 2c/2, 2b−ℓ×(b−c) }} queries, where b > c is the permutation size. Depending on the parameters chosen, this result allows to have enhanced security or to absorb at a larger rate for applications that require a fixed-length input hash function. https://tosc.iacr.org/index.php/ToSC/article/view/10313spongelightweight cryptographyindifferentiability |
| spellingShingle | Charlotte Lefevre Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks IACR Transactions on Symmetric Cryptology sponge lightweight cryptography indifferentiability |
| title | Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks |
| title_full | Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks |
| title_fullStr | Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks |
| title_full_unstemmed | Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks |
| title_short | Indifferentiability of the Sponge Construction with a Restricted Number of Message Blocks |
| title_sort | indifferentiability of the sponge construction with a restricted number of message blocks |
| topic | sponge lightweight cryptography indifferentiability |
| url | https://tosc.iacr.org/index.php/ToSC/article/view/10313 |
| work_keys_str_mv | AT charlottelefevre indifferentiabilityofthespongeconstructionwitharestrictednumberofmessageblocks |