| Author(s): |
Elena Andreeva; Charles Bouillaguet; Orr Dunkelman; John M. Kelsey; |
| Title: |
Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard |
| Published: |
November 03, 2009 |
| Abstract: |
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore "hash-twice" construction which process two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack - the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix. |
| Conference: |
Selected Areas in Cryptography, 2009 |
| Proceedings: |
Selected Areas in Cryptography, 16th Annual International Workshop, SAC 2009 |
| Volume: |
5867 |
| Pages: |
pp. 393 - 414 |
| Location: |
Calgary, -1 |
| Dates: |
August 13-14, 2009 |
| Keywords: |
concatenated hash; herding attack; second preimage attack; tree hash; Trojan message attack; zipper hash |
| Research Areas: |
Computer Security |
| DOI: |
10.1007/978-3-642-05445-7_25 (Note: May link to a non-U.S. Government webpage) |
| PDF version: |
 Click here to retrieve PDF version of paper (283KB) |
