On hash functions using checksums

We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one-way checksum functions, is not secure against the second preimage a...

Bibliographic details
Published in: International journal of information security 2010-04, Vol.9 (2), p.137-151
Main authors: Gauravaram, Praveen, Kelsey, John, Knudsen, Lars R., Thomsen, Søren S.
Format: Article
Language: eng
Online access: Full text
container_end_page 151
container_issue 2
container_start_page 137
container_title International journal of information security
container_volume 9
creator Gauravaram, Praveen
Kelsey, John
Knudsen, Lars R.
Thomsen, Søren S.
description We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one-way checksum functions, is not secure against the second preimage attack of Kelsey and Schneier, the herding attack of Kelsey and Kohno and the multicollision attack of Joux. Our attacks also apply to a large class of cascaded hash functions. Our second preimage attacks on the cascaded hash functions improve the results of Joux presented at Crypto’04. We also apply our attacks to the MD2 and GOST hash functions. Our second preimage attacks on the MD2 and GOST hash functions improve the previous best known short-cut second preimage attacks on these hash functions by factors of at least 2^26 and 2^54, respectively. Our herding and multicollision attacks on the hash functions based on generic checksum functions (e.g., one-way) are a special case of the attacks on the cascaded iterated hash functions previously analysed by Dunkelman and Preneel and are not better than their attacks. On hash functions with easily invertible checksums, our multicollision and herding attacks (if the hash value is short as in MD2) are more efficient than those of Dunkelman and Preneel.
doi_str_mv 10.1007/s10207-009-0100-7
format Article
fulltext fulltext
identifier ISSN: 1615-5262
ispartof International journal of information security, 2010-04, Vol.9 (2), p.137-151
issn 1615-5262
1615-5270
language eng
recordid cdi_proquest_miscellaneous_743618708
source SpringerLink Journals - AutoHoldings; EBSCOhost Business Source Complete
subjects Coding and Information Theory
Communications Engineering
Computer Communication Networks
Computer Science
Construction
Cryptology
Management of Computing and Information Systems
Network security
Networks
Operating Systems
Regular Contribution
Studies
title On hash functions using checksums
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-03T02%3A21%3A48IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=On%20hash%20functions%20using%20checksums&rft.jtitle=International%20journal%20of%20information%20security&rft.au=Gauravaram,%20Praveen&rft.date=2010-04-01&rft.volume=9&rft.issue=2&rft.spage=137&rft.epage=151&rft.pages=137-151&rft.issn=1615-5262&rft.eissn=1615-5270&rft_id=info:doi/10.1007/s10207-009-0100-7&rft_dat=%3Cproquest_cross%3E1992363951%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=227325643&rft_id=info:pmid/&rfr_iscdi=true