Multicollision Attacks on a Class of Hash Functions
نویسندگان
چکیده
In a recent paper, A. Joux [7] showed multicollision attacks on the classical iterated hash function. (A multicollision is a set of inputs whose hash values are same.) He also showed how the multicollision attacks can be used to get a collision attack on the concatenated hash function. In this paper, we first try to fix the attack by introducing a natural and wide class hash functions. However, we show that the multicollision attacks also exist in this general class. Thus, we rule out a natural and a wide class of hash functions as candidates for multicollision secure hash functions.
منابع مشابه
Multicollision Attacks on Generalized Hash Functions
In a recent paper in crypto-04, A. Joux [6] showed a multicollision attacks on the classical iterated hash function. He also showed how the multicollision attack can be used to get a collision attack on the concatenated hash function. In this paper we have shown that the multicollision attacks exist in a general class of sequential or tree based hash functions even if message blocks are used tw...
متن کاملCryptanalysis of a class of cryptographic hash functions
We apply new cryptanalytical techniques to perform the generic multi-block multicollision, second preimage and herding attacks on the Damg̊ard-Merkle hash functions with linear-XOR/additive checksums. The computational work required to perform these attacks on the Damg̊ard-Merkle hash functions with linear-XOR/additive checksum of message blocks (GOST), intermediate states (3C, MAELSTROM-0, F-Has...
متن کاملCombinatorics on words in information security: Unavoidable regularities in the construction of multicollision attacks on iterated hash functions
Classically in combinatorics on words one studies unavoidable regularities that appear in sufficiently long strings of symbols over a fixed size alphabet. In this paper we take another viewpoint and focus on combinatorial properties of long words in which the number of occurrences of any symbol is restritced by a fixed constant. We then demonstrate the connection of these properties to construc...
متن کاملA Class of secure Double Length Hash Functions
In this paper we constructed a class of double length hash functions which are maximally secure i.e. the birthday attack is the best possible attack. Recently, Joux [6] in Crypto-04 showed a multicollision attack on the classical iterated hash function which can be used to get the collision on the concatenated double length hash functions. Very recently, Lucks [10] also designed a double-pipe h...
متن کاملOn iteration-based security flaws in modern hash functions
The design principles proposed independently by both Ralph Merkle and Ivan Damgård in 1989 are applied widely in hash functions that are used in practice. The construction reads the message in one message block at a time and applies iteratively a compression function that, given a single message block and a hash value, outputs a new hash value. This iterative structure has some security weaknes...
متن کامل