1 Discrete mathematics, Department of Mathematics, Technical University of Denmark2 Department of Mathematics, Technical University of Denmark3 Iran University of Science and Technology4 Department of Applied Mathematics and Computer Science, Technical University of Denmark5 Iran University of Science and Technology
The security of permutation-based hash functions in the ideal permutation model has been studied when the input-length of compression function is larger than the input-length of the permutation function. In this paper, we consider permutation based compression functions that have input lengths shorter than that of the permutation. Under this assumption, we propose a permutation based compression function and prove its security with respect to collision and (second) preimage attacks in the ideal permutation model. The proposed compression function can be seen as a generalization of the compression function of MD6 hash function.
I E I C E Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2010, Vol E93-A, Issue 10, p. 1833-1836