NIST logo

Publications Portal

You searched on: Author: john kelsey Sorted by: title

Displaying records 1 to 10 of 20 records.
Resort by: Date / Title

1. A Keyed Sponge Construction with Pseudorandomness in the Standard Model
Published: 3/22/2012
Authors: Dong H. Chang, Morris J Dworkin, Seokhie Hong, John M Kelsey, Mridul Nandi
Abstract: The sponge construction, designed by Bertoni, Daemen, Peeters, and Asscheis, is the framework for hash functions such as Keccak, PHOTON, Quark, and spongent. The designers give a keyed sponge construction by prepending the message with key and prove ...

2. Attacking Paper-Based E2E Voting Systems
Published: 2/1/2010
Authors: John M Kelsey, Andrew Richard Regenscheid, Tal Moran, David Chaum
Abstract: In this paper, we develop methods for constructing vote-buying/coercion attacks on end-to-end voting systems, and describe vote-buying/coercion attacks on three end-to-end voting systems: Punchscan, Pret-a-Voter, and Threeballot. We also demonstrate ...

3. Collisions and Near-Collisions for Reduced-Round Tiger
Published: 3/1/2006
Authors: John M Kelsey, Stefan Lucks
Abstract: We describe a collision-finding attack on 16 rounds of the Tiger hash function requiring the time for about 244 compression function invocations. This extends to a collision-finding attack on 17 rounds of the Tiger hash function in time of about 249 ...

4. Herding Hash Functions and the Nostradamus Attack
Published: 5/28/2006
Authors: John M Kelsey, Tadayoshi Kohno
Abstract: In this paper, we develop a new attack on Damgaard-Merkle hash functions, called the herding attack, in which an attacker who can find many collisions on the hash function by brute force can first provide the hash of message, and later ``herd'' any g ...

5. Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard
Published: 11/3/2009
Authors: Elena Andreeva, Charles Bouillaguet , Orr Dunkelman, John M Kelsey
Abstract: In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that proces ...

6. How Random is Your RNG?
Published: 7/7/2015
Authors: Meltem Sonmez Turan, John M Kelsey, Kerry A McKay
Abstract: Cryptographic primitives need random numbers to protect your data. Random numbers are used for generating secret keys, nonces, random paddings, initialization vectors, salts, etc. Deterministic pseudorandom number generators are useful, but they stil ...

7. Linear-XOR and Additive Checksums Don t Protect Damgaard-Merkle Hashes from Generic Attacks
Published: 4/17/2008
Authors: Praveen Gauravaram, John M Kelsey
Abstract: We consider the security of Damgaard-Merkle variants which computer linear-XOR or additive checksums over message blocks, intermediate hash values, or both, and process these checksums in computing the final hash value.  We show that these Damgaard-M ...

8. New Second-Preimage Attacks on Hash Functions
Published: 6/23/2015
Authors: Elena Andreeva, Charles Bouillaguet, Orr Dunkelman, Pierre-Alain Fouque, Jonathan J. Hoch, John M Kelsey, Adi Shamir, Sebastien Zimmer
Abstract: In this work, we present several new generic second-preimage attacks on hash functions. Our first attack is based on the herding attack and applies to various Merkle-Damgard-based iterative hash functions. Compared to the previously known long-messa ...

9. On Hash Functions Using Checksums
Published: 4/1/2010
Authors: Praveen Gauruvarum, John M Kelsey, L. Knudsen, S. Thomsen
Abstract: We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one- way checksum fun ...

10. On the privacy threats of electronic poll books
Published: 10/4/2010
Authors: Stefan Popoveniuc, John M Kelsey
Abstract: Electronic poll books make the process of verifying that a voter is authorized to vote and issuing her a ballot faster and more convenient. However, they also introduce a privacy risk: if both the electronic poll book and voting machine or optical s ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series