Abstract:
The security of permutation-based hash functions in the
ideal permutation model has been studied when the input-length
of compression function is larger than the input-length of the
permutation function. In this paper, we consider permutation
based compression functions that have input lengths shorter than
that of the permutation. Under this assumption, we propose a
permutation based compression function and prove its security
with respect to collision and (second) preimage attacks in the
ideal permutation model. The proposed compression function
can be seen as a generalization of the compression function of
MD6 hash function.
Keywords: Compression function, Permutation, Collision,
Preimage, Second-preimage.