Showing papers on "Collision attack published in 2002"


Proceedings ArticleDOI
30 Jun 2002
TL;DR: A novel amortization technique for computation of consecutive pre-images of hash chains, given knowledge of the seed, which can be upper bounded at O(log^2 n), making it a useful primitive for low-cost applications such as authentication, signatures and micro-payments.
Abstract: We introduce a novel amortization technique for computation of consecutive pre-images of hash chains, given knowledge of the seed. While all previously known techniques have a memory-times-computational complexity of O(n) per chain element, the complexity of our technique can be upper bounded at O(log^2 n), making it a useful primitive for low-cost applications such as authentication, signatures and micro-payments.

127 citations


Patent
20 Mar 2002
TL;DR: In this article, a secure hardware device generates a series of n hash values, the secure hardware devices providing an nth hash value to the landlord, the landlord placing the nth value in the certificate, and the landlord digitally verifying the certificate containing the certificate to obtain a digitally signed certificate.
Abstract: Managing a digital certificate includes a landlord providing a digital certificate, a secure hardware device generating a series of n hash values, the secure hardware device providing an nth hash value to the landlord, wherein other hash values are not readily available to the landlord, the landlord placing the nth hash value in the certificate, the landlord digitally verifying the certificate containing the nth hash value to obtain a digitally signed certificate, a tenant obtaining the digitally signed certificate, the tenant obtaining the n hash values and the tenant managing the certificate by periodically issuing a previous hash value in the series of n hash values in response to the certificate being valid when the previous hash value is issued.

74 citations


Journal ArticleDOI
TL;DR: It is proved that the new hash functions are collision resistant under reasonable assumptions about the underlying compression function and/or block cipher, and a lower bound is shown on the number of operations to find a collision as a function of the strength of the underlying compressed function.
Abstract: This paper considers iterated hash functions. It proposes new constructions of fast and secure compression functions with nl-bit outputs for integers n>1 based on error-correcting codes and secure compression functions with l-bit outputs. This leads to simple and practical hash function constructions based on block ciphers such as the Data Encryption Standard (DES), where the key size is slightly smaller than the block size; IDEA, where the key size is twice the block size; Advanced Encryption Standard (AES), with a variable key size; and to MD4-like hash functions. Under reasonable assumptions about the underlying compression function and/or block cipher, it is proved that the new hash functions are collision resistant. More precisely, a lower bound is shown on the number of operations to find a collision as a function of the strength of the underlying compression function. Moreover, some new attacks are presented that essentially match the presented lower bounds. The constructions allow for a large degree of internal parallelism. The limits of this approach are studied in relation to bounds derived in coding theory.

42 citations


Patent
David John Craft1
21 Nov 2002
TL;DR: In this article, a memory addressing engine is employed to select a portion of a memory, as a function of a step value, as the first input hash value, and an authenticator circuit is employable to perform a hash upon the portion of memory and the second input value, such as a previous hash value that has been rotated left.
Abstract: The present invention provides for authentication of code, such as boot code. A memory addressing engine is employable to select a portion of a memory, as a function of a step value, as a first input hash value. The step value allows for the non-commutative cumulative hashing of a plurality of memory portions with a second input hash value, such as a previous hash value that has been rotated left. An authenticator circuit is employable to perform a hash upon the portion of memory and the second input hash value. A comparison circuit is then employable to compare an output of the authenticator circuit to an expected value.

22 citations


Book ChapterDOI
18 Feb 2002
TL;DR: A new signature forgery attack on PKCS #1 v1.5 signatures is described, possible even with a strong hash function, based on choosing a new (and suspicious-looking) hash function identifier as part of the attack.
Abstract: The security of many signature schemes depends on the verifier's assurance that the same hash function is applied during signature verification as during signature generation. Several schemes provide this assurance by appending a hash function identifier to the hash value. We show that such "hash function firewalls" do not necessarily prevent an opponent from forging signatures with a weak hash function, and we give "weak hash function" attacks on several signature schemes that employ such firewalls. We also describe a new signature forgery attack on PKCS #1 v1.5 signatures, possible even with a strong hash function, based on choosing a new (and suspicious-looking) hash function identifier as part of the attack.

16 citations


Book ChapterDOI
03 Jul 2002
TL;DR: The security of reduced versions of 3-pass HAVAL is studied and a 256-bit collision is found of the first two passes and of the last two passes of 3-pass HAVAL.
Abstract: HAVAL is a dedicated hash function of the MD family which was proposed by Zheng et al. In this paper, we study the security of reduced versions of 3-pass HAVAL. We find a 256-bit collision of the first two passes of 3-pass HAVAL and of the last two passes of 3-pass HAVAL.

14 citations


Book ChapterDOI
Shoichi Hirose1
15 Aug 2002
TL;DR: In this article, it was shown that for every unkeyed hash function in their model, there exist block ciphers secure against the adaptive chosen plaintext/ciphertext attack such that the UH function based on them is not one-way.
Abstract: There are many proposals of unkeyed hash functions based on block ciphers. Preneel, Govaerts and Vandewalle, in their CRYPTO'93 paper, presented the general model of unkeyed hash functions based on block ciphers such that the size of the hashcode is equal to the block size and is almost equal to the key size. In this article, it is shown that, for every unkeyed hash function in their model, there exist block ciphers secure against the adaptive chosen plaintext attack such that the unkeyed hash function based on them is not one-way. The proof is constructive: the secure block ciphers are explicitly defined based on which one-way unkeyed hash functions cannot be constructed. Some of the block ciphers presented are secure even against the adaptive chosen plaintext/ciphertext attack.

9 citations


Journal Article
TL;DR: PANAMA is a cryptographic module that was presented at the FSE Workshop in '98 by Joan Daemen and Craig Clapp. It can serve both as a stream cipher and as a cryptographic hash function, with a hash result of 256 bits, as discussed by the authors.
Abstract: PANAMA is a cryptographic module that was presented at the FSE Workshop in '98 by Joan Daemen and Craig Clapp. It can serve both as a stream cipher and as a cryptographic hash function, with a hash result of 256 bits. PANAMA achieves high performance (for large amounts of data) because of its inherent parallelism. We will analyse the security of PANAMA when used as a hash function, and demonstrate an attack able to find collisions much faster than by birthday attack. The computational complexity of our current attack is 2^82; the required amount of memory is negligible.

8 citations


Book ChapterDOI
04 Feb 2002
TL;DR: This paper proposes a method for finding the collisions of the modified Shin's hash function and shows that it can find collisions with probability 2^-30, and analyses the Boolean functions, the message expansion, and the data dependent rotations of the hash function.
Abstract: In the conference PKC'98, Shin et al. proposed a dedicated hash function of the MD family. In this paper, we study the security of Shin's hash function. We analyze the property of the Boolean functions, the message expansion, and the data dependent rotations of the hash function. We propose a method for finding the collisions of the modified Shin's hash function and show that we can find collisions with probability 2^-30.

7 citations


Journal Article
TL;DR: The paper introduces the theory and implementation of one-way hash functions, and, using the MD5 algorithm, introduces its principle and implementation in detail and presents a new schedule of user key management.
Abstract: The paper introduces the theory and implementation of one-way hash functions, and, using the MD5 algorithm, which is extensively used in cryptography, as an example, introduces its principle and implementation in detail. At last, we research the application of them, and present a new schedule of user key management.

5 citations


01 May 2002
TL;DR: This paper proposes three improved hash functions, including the SHA-V with variable output length and another HAS-longer-version based on RIPEMD-256/320, and proposes a new hash function with variable output length proposed by P.J. Lee.
Abstract: Hash functions play an important role in a branch of information secrecy. The hash algorithm provides the services of information security, authentication, integrity, non-repudiation and so on. As computer technologies grow, the hash value has become longer based on the complexity of calculation. It was known to be desirable that the output lengths of hash functions are more than 160 bits. The first edition of Hash Function Standard–160 of Korea, namely HAS-160, was published in 1998 and the revised edition was published in 2000. In this paper, we propose three improved hash functions. First, we propose HAS-256, 384 and 512 that were based on SHA-256, 384 and 512. Second, we propose SHA-V using HAS-V proposed by P.J. Lee [12]. He proposed a new hash function with variable output length. Third, we propose the SHA-V with variable output length and another HAS-longer-version based on RIPEMD-256/320.
Keywords: Informatics, Cryptography, Information Security, Hash function, Digital signature, Authentication, Integrity, HAS, SHA, MD4, RIPEMD, SEED


Journal Article
TL;DR: It is shown in this paper that a collision could be found with about encryptions, where is a small number.
Abstract: At PKC 2000, Inoue and Sakurai proposed some methods to design hash functions from block ciphers and codes (block codes and convolutional codes). They claimed that their hash functions are secure: encryptions are necessary to find a collision, where and are the minimal distance of the code and the block size of block cipher, respectively. However, we show in this paper that a collision could be found with about encryptions, where is a small number.