Topic
Collision attack
About: Collision attack is a research topic. Over the lifetime, 1093 publications have been published within this topic receiving 28389 citations.
Papers
••
30 Nov 2006
TL;DR: It is shown that most natural ideas are insecure in the field of hash functions, and a practical preimage attack against the dedicated hash function used in the MySQL password-based authentication mechanisms is described.
Abstract: T-functions are a useful new tool to design symmetric-key algorithms, introduced by Klimov and Shamir in 2002. They have already been used to build stream ciphers and new applications for block ciphers and hash functions have been recently suggested.
In this paper, we analyze the security of several possible constructions of hash functions, based on T-functions. We show that most natural ideas are insecure. As an application, we describe a practical preimage attack against the dedicated hash function used in the MySQL password-based authentication mechanisms.
12 citations
••
03 Mar 2014
TL;DR: A novel collision attack for up to 5 rounds of the Grostl hash function is described, which significantly improves upon the best previously published results on 3 rounds.
Abstract: In this article, we describe a novel collision attack for up to 5 rounds of the Grostl hash function. This significantly improves upon the best previously published results on 3 rounds. By using a new type of differential trail spanning over more than one message block we are able to construct collisions for Grostl-256 on 4 and 5 rounds with complexity of \(2^{67}\) and \(2^{120}\), respectively. Both attacks need \(2^{64}\) memory. Due to the generic nature of our attack we can even construct meaningful collisions in the chosen-prefix setting with the same attack complexity.
12 citations
••
01 Mar 1999
TL;DR: A hash function with the all-or-nothing property is proposed; it can use existing hash functions without changing their structures, and it is secure against all known attacks.
Abstract: All-or-nothing property is a new encryption mode proposed by Rivest and has the property that one must decrypt the entire ciphertext to determine any plaintext block. In this paper, we propose a hash function with all-or-nothing property. The proposed scheme can use the existing hash functions without changing their structures, and it is secure against all known attacks. Moreover, the proposed method can be easily extended to the MAC (Message Authentication Code) and provide message confidentiality as well as authentication.
11 citations
••
15 Dec 2010
TL;DR: NIST announced the SHA-3 competition in November 2007 with the goal of selecting a new hash function family by 2012; about half of the 64 submissions were broken within months. This talk outlines the state of the art of hash functions halfway through the competition.
Abstract: Cryptographic hash functions are an essential building block for security applications. Until 2005, the amount of theoretical research and cryptanalysis invested in this topic was rather limited. From the hundred designs published before 2005, about 80% was cryptanalyzed; this includes widely used hash functions such as MD4 and MD5. Moreover, serious shortcomings have been identified in the theoretical foundations of existing designs. In response to this hash function crisis, a large number of papers has been published with theoretical results and novel designs. In November 2007, NIST announced the start of the SHA-3 competition, with the goal of selecting a new hash function family by 2012. About half of the 64 submissions were broken within months. This talk will present an outline of the state of the art of hash functions halfway through the competition and attempts to identify open research issues.
11 citations
•
TL;DR: In this article, the Grostl hash function was analyzed and collision and semi-free-start collision attacks for both the hash and the compression functions were presented for reduced-round versions of the hash function.
Abstract: We analyze the Grostl hash function, which is a 2nd-round candidate of the SHA-3 competition. Using the start-from-the-middle variant of the rebound technique, we show collision attacks on the Grostl-256 hash function reduced to 5 and 6 out of 10 rounds with time complexities 2 and 2, respectively. Furthermore, we demonstrate semi-free-start collision attacks on the Grostl-224 and -256 hash functions reduced to 7 rounds and the Grostl-224 and -256 compression functions reduced to 8 rounds. Our attacks are based on differential paths between the two permutations P and Q of Grostl, a strategy introduced by Peyrin [15] to construct distinguishers for the compression function. In this paper, we extend this approach to construct collision and semi-free-start collision attacks for both the hash and the compression function. Finally, we present improved distinguishers for reduced-round versions of the Grostl-224 and -256 permutations.
11 citations