Collision attack

About: Collision attack is a research topic. Over the lifetime, 1093 publications have been published within this topic receiving 28389 citations.

Cryptanalysis of an Improved One-Way Hash Chain Self-Healing Group Key Distribution Scheme.

Abstract: In 2014, Chen et al. proposed a one-way hash self-healing group key distribution scheme for resource-constrained wireless networks in Journal of Sensors (14(14):24358-24380, DOI: 10.3390/ s141224358). They asserted that their scheme 2 has the constant storage overhead, low communication overhead, and is secure, i.e., achieves mt-revocation capability, mt-wise forward secrecy, any-wise backward secrecy and has mt-wise collusion attack resistance capability. Unfortunately, an attack method against Chen et al.’s scheme 2 is found in this paper, which contributes to some security flaws. More precisely, a revoked user can recover other legitimate users’ personal secrets, which directly breaks the forward security, mt-revocation capability and mt-wise collusion attack resistance capability. Thus, Chen et al.’s scheme 2 is insecure.

Rebound Attack on the Feistel-SPS Structure

Abstract: This paper shows the rebound attack on the Feistel-SPS structure, which has the Feistel network with a Substitution-Permutation-Substitution (SPS) round function. A 6-round known-key truncated differential distinguisher is obtained by studying the diffusion properties of differences. Based on the distinguisher, a near- collision attack on the compression functions of this structure embedding the Matyas-Meyer-Oseas (MMO) and Miyaguchi-Preneel (MP) modes is given. Besides, the 6-round distinguisher is extended and a 7-round truncated differential path is constructed to get a 7-round truncated differential distinguisher of the compression function for the two modes mentioned before.

Rebound Attacks on SKINNY Hashing with Automatic Tools

Abstract: In ToSC’20, a new approach combining Mix-Integer Linear Programming (MILP) tool and Constraint Programming (CP) tool to search for boomerang distinguishers is proposed and later used for rebound attack in ASIACRYPT’21 and CRYPTO’22. In this work, we extend these techniques to mount collision attacks on $$\textsf{SKINNY}$$ -128-256 MMO hashing mode in classical and quantum settings. The first results of 17-round (and 15-round) free-start collision attack on this variant of $$\textsf{SKINNY}$$ hashing mode are presented. Moreover, one more round of the inbound phase is covered leading to the best existing classical free-start collision attack of 19-round on the $$\textsf{SKINNY}$$ -128-384 MMO hashing.

An Efficient Cryptographic Hash Algorithm (BSA)

Abstract: Recent cryptanalytic attacks have exposed the vulnerabilities of some widely used cryptographic hash functions like MD5 and SHA-1. Attacks in the line of differential attacks have been used to expose the weaknesses of several other hash functions like RIPEMD, HAVAL. In this paper we propose a new efficient hash algorithm that provides a near random hash output and overcomes some of the earlier weaknesses. Extensive simulations and comparisons with some existing hash functions have been done to prove the effectiveness of the BSA, which is an acronym for the name of the 3 authors.

Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC

Abstract: Many hash-based authentication protocols have been proposed, and proven secure assuming that underlying hash functions are secure. On the other hand, if a hash function compromises, the security of authentication protocols based on this hash function becomes unclear. Therefore, it is significantly important to verify the security of hash-based protocols when a hash function is broken.In this paper, we will re-evaluate the security of two MD5-based authentication protocols based on a fact that MD5 cannot satisfy a required fundamental property named collision resistance. The target protocols are APOP (Authenticated Post Office Protocol) and NMAC (Nested Message Authentication Code), since they or their variants are widely used in real world. For security evaluation of APOP, we will propose a modified password recovery attack procedure, which is twice as fast as previous attacks. Moreover, our attack is more realistic, as the probability of being detected is lower than that of previous attacks. For security evaluation of MD5-based NMAC, we will propose a new key-recovery attack procedure, which has a complexity lower than that of previous attack. The complexity of our attack is 276, while that of previous attack is 2100.**Moreover, our attack has another interesting point. NMAC has two keys: the inner key and the outer key. Our attack can recover the outer key partially without the knowledge of the inner key.