Collisions for RC4-Hash
نویسندگان
چکیده
RC4-Hash is a variable digest length cryptographic hash function based on the design of the RC4 stream cipher. In this paper, we show that RC4-Hash is not collision resistant. Collisions for any digest length can be found with an expected effort of less than 2 compression function evaluations. This is extended to multicollisions for RC4-Hash. Finding a set of 2 colliding messages has an expected cost of 2 + k · 2 compression function evaluations.
منابع مشابه
Generalized RC4 Key Collisions and Hash Collisions
In this paper, we discovered that RC4 can generate colliding key pairs with various hamming distances, other than those found by Matsui (with hamming distance one), and by Chen and Miyaji (with hamming distance three). We formalized RC4 colliding key pairs into two large patterns, namely, Transitional pattern and Self-Absorbing pattern, according to the behavior during KSA. The colliding key pa...
متن کاملSecurity Analysis of Michael: the IEEE 802.11i Message Integrity Code
The IEEE 802.11b standard employs a data security mechanism known as Wired Equivalent Privacy (WEP). WEP uses RC4 stream cipher for its data encryption and CRC-32 to check its message integrity. Recent research shows that WEP is not secure as it does not use RC4 and CRC-32 correctly. The latest IEEE 802.11i draft uses a new keyed hash function, called Michael, as the message integrity code. Thi...
متن کاملSecurity Analysis of Michael: The IEEE 802.11i Message Integrity Code
The latest IEEE 802.11i uses a keyed hash function, called Michael, as the message integrity code. This paper describes some properties and weaknesses of Michael. We provide a necessary and sufficient condition for finding collisions of Michael. Our observation reveals that the collision status of Michael only depends on the second last block message and the output of the block function in the ...
متن کاملRC 4 - Hash : A New Hash Function based on RC 4 ( Extended Abstract )
In this paper, we propose a new hash function based on RC4 and we call it RC4-Hash. This proposed hash function produces variable length hash output from 16 bytes to 64 bytes. Our RC4-Hash has several advantages over many popularly known hash functions. Its efficiency is comparable with widely used known hash function (e.g., SHA-1). Seen in the light of recent attacks on MD4, MD5, SHA-0, SHA-1 ...
متن کاملCryptanalysis of RC4-Based Hash Function
RC4-Based Hash Function is a new proposed hash function based on RC4 stream cipher for ultra low power devices. In this paper, we analyse the security of the function against collision attack. It is shown that the attacker can find collision and multi-collision messages with complexity only 6 compress function operations and negligible memory with time complexity 2. In addition,we show the hash...
متن کامل