Adaptive Preimage Resistance Analysis Revisited: Requirements, Subtleties and Implications
In the last few years, the need to design new cryptographic hash functions has led to the intense study of when desired hash multi-properties are preserved or assured under compositions and domain extensions. In this area, it is important to identify the exact notions and provide often complex proofs of the resulting properties. Getting this analysis right (as part of provable security studies) is, in fact, analogous to cryptanalysis. The authors note that it is important and quite subtle to get indeed the "Right" notions and properties, and "Right" proofs in this relatively young area. Specifically, the security notion they deal with is "Adaptive preimage resistance" (apr) which was introduced by Lee and Park as an extension of "Preimage resistance" (pr).