`Tom Shrimpton (http://www.cs.pdx.edu/~teshrim/) does research in this`

`area (ie. using block ciphers to build hash functions). See the papers`

`on his web site; in particular:`

`Black-Box Analysis of the Block-Cipher-Based Hash-Function Constructions`

`from PGV [pdf] [ps]`

John Black, Phillip Rogaway, and Thomas Shrimpton

-James Arash Partow wrote:

Hi all, How does one properly use a symmetric cipher as a cryptographic hash function? I seem to be going around in circles. Initially I thought you choose some known key and encrypt the data with the key, using either the encrypted text or the internal state of the cipher as the hash value, turns out all one needs to do to break it, is decrypt the hash value with the "known" key and you get a value which will produce the same hash value. Reversing the situation (using the data as the key and a known plain- text) makes a plaintext attack seem like a joy etc.. Are there any papers/books/etc that explain the implementation/use of symmetric ciphers (particularly AES) as cryptographic hash functions? btw I know that hash functions and symmetric ciphers share the same structural heritage (feistel rounds etc...), I just don't seem to be making the usage link at this point in time... :D Any help would be very much appreciated. Kind regards Arash Partow ________________________________________________________ Be one who knows what they don't know, Instead of being one who knows not what they don't know, Thinking they know everything about all things. http://www.partow.net --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]