Collision Attacks on MD5 and SHA-1: Is this the “Sword of Damocles” for Electronic Commerce?
نویسندگان
چکیده
Since Wang et al. announced their results regarding the susceptibility of MD5 (Crypto’04) and SHA-1 (Crypto’05) hash functions to collision attacks, there have been many papers advancing further aspects of these attacks. What has been lacking is an analysis of the legal effect of these attacks upon electronic commerce transactions. As technological advancements are made, the law will need to adjust so as to take account of these attacks so that there does not arise a total undermining of the electronic commerce environment. The legal implications of these attacks need to be understood so that the courts do not over react and thus destroy any confidence commerce currently has in operating in the electronic commerce environment. This paper explores the legal implications of these attacks where certain software applications rely, in part, upon either MD5 or SHA-1.
منابع مشابه
Collision-Resistant Usage of MD5 and SHA-1 Via Message Preprocessing
A series of recent papers have demonstrated collision attacks on popularly used hash functions, including the widely deployed MD5 and SHA-1 algorithm. To assess this threat, the natural response has been to evaluate the extent to which various protocols actually depend on collision resistance for their security, and potentially schedule an upgrade to a stronger hash function. Other options invo...
متن کاملCollision Resistant Usage of SHA-1 via Message Pre-processing
A series of recent papers have demonstrated collision attacks on popularly used hash functions, including the widely deployed MD5 and SHA-1 algorithm. To assess this threat, the natural response has been to evaluate the extent to which various protocols actually depend on collision resistance for their security, and potentially schedule an upgrade to a stronger hash function. Other options invo...
متن کاملSpeeding up detection of SHA-1 collision attacks using unavoidable attack conditions
Counter-cryptanalysis, the concept of using cryptanalytic techniques to detect cryptanalytic attacks, was first introduced by Stevens at CRYPTO 2013 [22] with a hash collision detection algorithm. That is, an algorithm that detects whether a given single message is part of a colliding message pair constructed using a cryptanalytic collision attack on MD5 or SHA-1. The concept’s utility was prov...
متن کاملCounter-Cryptanalysis
We introduce counter-cryptanalysis as a new paradigm for strengthening weak cryptographic primitives against cryptanalytic attacks. Redesigning a weak primitive to more strongly resist cryptanalytic techniques will unavoidably break backwards compatibility. Instead, countercryptanalysis exploits unavoidable anomalies introduced by cryptanalytic attacks to detect and block cryptanalytic attacks ...
متن کاملA proposal of a criterion for collision resistance of hash functions
clear the advantage of the fact that an attacker can know all intermediate values in calculating an outIn this paper we revisit the tequniques for collision put. This fact is the most different assumption for attacks and study the relation between maximum an attacker from block cipher’s case. differential characteristic probability and a limit of However Wang et al. showed in the last two years...
متن کامل