Donghoon Chang

Learn More
In this paper, we propose a new block cipher HIGHT with 64-bit block length and 128-bit key length. It provides low-resource hardware implementation, which is proper to ubiquitous computing device such as a sensor in USN or a RFID tag. HIGHT does not only consist of simple operations to be ultra-light but also has enough security as a good encryption(More)
This paper describes a new software-efficient 256-bit hash function, FORK-256. Recently proposed attacks on MD5 and SHA-1 motivate a new hash function design. It is designed not only to have higher security but also to be faster than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it is secure(More)
Understanding what construction strategy has a chance to be a good hash function is extremely important nowadays. In TCC’04, Maurer et al. [13] introduced the notion of indifferentiability as a generalization of the concept of the indistinguishability of two systems. In Crypto’2005, Coron et al. [5] suggested to employ indifferentiability in generic(More)
The classical design principle Merkle-Damg̊ard [13, 6] is scrutinized by many ways such as Joux’s multicollision attack, Kelsey-Schneier second preimage attack etc. In TCC’04, Maurer et al. introduced a strong security notion called as “indifferentiability” for a hash function based on a compression function. The classical design principle is also insecure(More)
The National Institute of Standards and Technology (NIST) opened a public competition on November 2, 2007 to develop a new cryptographic hash algorithm – SHA-3, which will augment the hash algorithms currently specified in the Federal Information Processing Standard (FIPS) 180-3, Secure Hash Standard. The competition was NIST’s response to advances in the(More)
The sponge construction, designed by Bertoni, Daemen, Peeters, and Ass­ cheis, is the framework for hash functions such as Keccak, PHOTON, Quark, and spon­ gent. The designers give a keyed sponge construction by prepending the message with key and prove a bound on its pseudorandomness in the ideal permutation model . In this paper we give a different keyed(More)
Abstract. Biclique cryptanalysis is a recent technique that has been successfully applied to AES resulting in key recovery faster than brute force. However, a major hurdle in carrying out biclique cryptanalysis on AES is that it requires very high data complexity. This naturally warrants questions over the practical feasibility of implementing biclique(More)
We present two new parallel algorithms for extending the domain of a UOWHF. The first algorithm is complete binary tree based construction and has less key length expansion than Sarkar’s construction which is the previously best known complete binary tree based construction. But only disadvantage is that here we need more key length expansion than that of(More)