Improving MDC-4 to Be More Secure

MDC-4 is the enhanced version of MDC-2, which is a well-known hash mode of block ciphers. However, it does not guarantee sufficient securities required for a cryptographic hash function. In the ideal cipher model, the MDC-4 compression function has the collision security bound close to 2(5n/8) and the preimage security bound close to 2(5n/4), where the underlying block cipher has the block size of n bits. We have studied how to improve MDC-4 with simple modification to strengthen its security. It is meaningful work because users often want to improve their familiar systems with low cost. In this paper, we achieve it by proposing MDC-4(+), which is a light variation of MDC-4. We prove that MDC-4(+) is much more secure than MDC-4 by showing that it has the collision security bound close to optimal 2(n) and the preimage security bound close to 2(4n/3). We also discuss its efficiency by comparing existing hash modes.