Revisiting Collision and Local Opening Analysis of ABR Hash

Chandranan Dhar, Yevgeniy Dodis, Mridul Nandi

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The question of building the most efficient tn-to-n-bit collision-resistant hash function H from a smaller (say, 2n-to-n-bit) compression function f is one of the fundamental questions in symmetric key cryptography. This question has a rich history, and was open for general t, until a recent breakthrough paper by Andreeva, Bhattacharyya and Roy at Eurocrypt'21, who designed an elegant mode (which we call ABR) achieving roughly 2t/3 calls to f, which matches the famous Stam's bound from CRYPTO'08. Unfortunately, we have found serious issues in the claims made by the authors. These issues appear quite significant, and range from verifiably false statements to noticeable gaps in the proofs (e.g., omissions of important cases and unjustified bounds). We were unable to patch up the current proof provided by the authors. Instead, we prove from scratch the security of the ABR construction for the first non-trivial case t = 11 (ABR mode of height 3), which was incorrectly handled by the authors. In particular, our result matches Stam's bound for t = 11. While the general case is still open, we hope our techniques will prove useful to finally settle the question of the optimal efficiency of hash functions.

Original languageEnglish (US)
Title of host publication3rd Conference on Information-Theoretic Cryptography, ITC 2022
EditorsDana Dachman-Soled
PublisherSchloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
ISBN (Electronic)9783959772389
StatePublished - Jul 1 2022
Event3rd Conference on Information-Theoretic Cryptography, ITC 2022 - Cambridge, United States
Duration: Jul 5 2022Jul 7 2022

Publication series

NameLeibniz International Proceedings in Informatics, LIPIcs
ISSN (Print)1868-8969


Conference3rd Conference on Information-Theoretic Cryptography, ITC 2022
Country/TerritoryUnited States


  • ABR hash
  • collision resistance
  • local opening

ASJC Scopus subject areas

  • Software


Dive into the research topics of 'Revisiting Collision and Local Opening Analysis of ABR Hash'. Together they form a unique fingerprint.

Cite this