Generalizing the Herding Attack to Concatenated Hashing Schemes⋆

نویسندگان

  • Orr Dunkelman
  • Bart Preneel
چکیده

In this paper we extend the herding attacks for concatenated hash functions, i.e., hash functions of the form h(x) = h1(x)||h2(x). Our results actually apply a much larger set of hash functions. We show that even when the compression function of h(·) can be written as two (or more) data paths, where one data path is not affected by the second (while the second may depend on the first), then the generalized herding attack can be applied. This result along with Joux’s original observations show that schemes that aim to improve the resistance of hash functions against these attacks, must use diffusion between the various data paths.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Image authentication using LBP-based perceptual image hashing

Feature extraction is a main step in all perceptual image hashing schemes in which robust features will led to better results in perceptual robustness. Simplicity, discriminative power, computational efficiency and robustness to illumination changes are counted as distinguished properties of Local Binary Pattern features. In this paper, we investigate the use of local binary patterns for percep...

متن کامل

Herding, Second Preimage and Trojan Message Attacks beyond Merkle-Damgård

In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle­ Damg̊ard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore “hash-twice” construction which process ...

متن کامل

Some Cryptanalytic Results on Zipper Hash and Concatenated Hash

At SAC 2006, Liskov proposed the zipper hash, a technique for constructing secure (indifferentiable from random oracles) hash functions based on weak (invertible) compression functions. Zipper hash is a two pass scheme, which makes it unfit for practical consideration. But, from the theoretical point of view it seemed to be secure, as it had resisted standard attacks for long. Recently, Andreev...

متن کامل

Provable Chosen-Target-Forced-Midfix Preimage Resistance

This paper deals with definitional aspects of the herding attack of Kelsey and Kohno, and investigates the provable security of several hash functions against herding attacks. Firstly, we define the notion of chosen-target-forced-midfix (CTFM) as a generalization of the classical herding (chosen-target-forced-prefix) attack to the cases where the challenge message is not only a prefix but may a...

متن کامل

Mitigating Node Capture Attack in Random Key Distribution Schemes through Key Deletion

Random Key Distribution (RKD) schemes have been widely accepted to enable low-cost secure communications in Wireless Sensor Networks (WSNs). However, efficiency of secure link establishment comes with the risk of compromised communications between benign nodes by adversaries who physically capture sensor nodes. The challenge is to enhance resilience of WSN against node capture, while maintainin...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007