Published: November 3, 2009
Author(s)
Elena Andreeva, Charles Bouillaguet, Orr Dunkelman, John Kelsey
Conference
Name: 16th International Workshop, Selected Areas in Cryptography (SAC 2009)
Dates: 08/13/2009 - 08/14/2009
Location: Calgary, Alberta, Canada
Citation: Selected Areas in Cryptography, vol. 5867, pp. 393-414
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgård construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore “hash-twice” construction which process two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack — the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix.
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgård construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this...
See full abstract
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgård construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore “hash-twice” construction which process two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack — the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix.
Hide full abstract
Keywords
concatenated hash; herding attack; second preimage attack; tree hash; Trojan message attack; zipper hash
Control Families
None selected