A Practical Limit of Security Proof in the Ideal Cipher Model : Possibility of Using the Constant as a Trapdoor in Several Double Block Length Hash Functions

John Black exhibited a block cipher based hash function that is collision resistant in the ideal cipher model but trivially insecure when instantiated by any block cipher. His example is unrealistic but meaningful theoretically. In this paper, the authors show that several double block length hash functions based on any block cipher may have a trapdoor to help a attacker to find a collision easily. This is a practical limitation of the proof in the ideal cipher model.