Miyaji Laboratory

A cryptographic hash function is a function which maps an input of arbitrary length to an output of fixed length. There　are two approaches to build a cryptographic hash such as scratch (MD4/5, SHA-256/512) and blockcipher. In recent years　researchers are interested on blockcipher based hash function because of several successful attacks on MD4/5 and SHA-family　type functions. Block-cipher based hash functions are classified into single-block-length (SBL) and double-block-length (DBL) where the output length of SBL hash function is equal to the block length and DBL hash function is twice of block length. It　is well-known that due to birthday attack SBL hash function　is no longer secure in terms of CR. DBL hash function comes in various guises (three variants), depending on the number　of blockcipher calls per compression function and the bit-length of the key (block-cipher) such as one call to a 2n-bit key,　two calls to a 2n-bit key, two calls to an n-bit key. Some constructions under 2nd variant such as Weimar, Tandem, Hirose　are bound in collision resistance and preimage resistance respectively by O(2^n) and o(2^2n) but their efficiency rate is 1/2. It is known that cryptographic hash functions are implementable in a manner suitable for RFID tags or WSN's devices and thus it is heavily used by RFID security protocol designers. Nowadays the pervasive computing like smart cards, RFID tags and sensor nodes that are　used for public transport, smart electricity meters and anti-counterfeiting is become the main point for wireless communication　and embedded systems which is exponentially increased day by day. The choice of security algorithms of resource-limited　devices should be very careful by consideration of the implementation costs, amount of power and symmetric-key algorithms,　especially blockciphers still play an important role for the security of the embedded systems where uses of variable message　size in blockcipher contributes a vital position. In all current famous schemes of DBL uses fixed size of message. DBL (AES-256) is not user friendly because of more power needed as well as more encryption and decryption is being required. Therefore　there is an open scope to do work for AES-128 based DBL hash function which can meets the above criteria.