NIST logo

Publication Citation: Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard

NIST Authors in Bold

Author(s): Elena Andreeva; Charles Bouillaguet; Orr Dunkelman; John M. Kelsey;
Title: Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard
Published: November 03, 2009
Abstract: In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore "hash-twice" construction which process two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack - the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix.
Conference: 16th Annual International Workshop, Selected Areas in Cryptography (SAC 2009)
Proceedings: Selected Areas in Cryptography (Lecture Notes in Computer Science)
Volume: 5867
Pages: pp. 393 - 414
Location: Calgary, -1
Dates: August 13-14, 2009
Keywords: concatenated hash; herding attack; second preimage attack; tree hash; Trojan message attack; zipper hash
Research Areas: Computer Security
DOI: http://dx.doi.org/10.1007/978-3-642-05445-7_25  (Note: May link to a non-U.S. Government webpage)
PDF version: PDF Document Click here to retrieve PDF version of paper (290KB)