NIST logo

Publications Portal

You searched on: Author: john kelsey Sorted by: title

Displaying records 1 to 10 of 15 records.
Resort by: Date / Title

1. A Keyed Sponge Construction with Pseudorandomness in the Standard Model
Published: 3/22/2012
Authors: Dong H. Chang, Morris J Dworkin, Seokhie Hong, John M Kelsey, Mridul Nandi
Abstract: The sponge construction, designed by Bertoni, Daemen, Peeters, and Asscheis, is the framework for hash functions such as Keccak, PHOTON, Quark, and spongent. The designers give a keyed sponge construction by prepending the message with key and prove ...

2. Attacking Paper-Based E2E Voting Systems
Published: 2/1/2010
Authors: John M Kelsey, Andrew Richard Regenscheid, Tal Moran, David Chaum
Abstract: In this paper, we develop methods for constructing vote-buying/coercion attacks on end-to-end voting systems, and describe vote-buying/coercion attacks on three end-to-end voting systems: Punchscan, Pret-a-Voter, and Threeballot. We also demonstrate ...

3. Collisions and Near-Collisions for Reduced-Round Tiger
Published: 3/1/2006
Authors: John M Kelsey, Stefan Lucks
Abstract: We describe a collision-finding attack on 16 rounds of the Tiger hash function requiring the time for about 244 compression function invocations. This extends to a collision-finding attack on 17 rounds of the Tiger hash function in time of about 249 ...

4. Herding Hash Functions and the Nostradamus Attack
Published: 5/28/2006
Authors: John M Kelsey, Tadayoshi Kohno
Abstract: In this paper, we develop a new attack on Damgaard-Merkle hash functions, called the herding attack, in which an attacker who can find many collisions on the hash function by brute force can first provide the hash of message, and later ``herd'' any g ...

5. Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard
Published: 11/3/2009
Authors: Elena Andreeva, Charles Bouillaguet , Orr Dunkelman, John M Kelsey
Abstract: In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that proces ...

6. Linear-XOR and Additive Checksums Don t Protect Damgaard-Merkle Hashes from Generic Attacks
Published: 4/17/2008
Authors: Praveen Gauravaram, John M Kelsey
Abstract: We consider the security of Damgaard-Merkle variants which computer linear-XOR or additive checksums over message blocks, intermediate hash values, or both, and process these checksums in computing the final hash value.  We show that these Damgaard-M ...

7. On Hash Functions Using Checksums
Published: 4/1/2010
Authors: Praveen Gauruvarum, John M Kelsey, L. Knudsen, S. Thomsen
Abstract: We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one- way checksum fun ...

8. On the privacy threats of electronic poll books
Published: 10/4/2010
Authors: Stefan Popoveniuc, John M Kelsey
Abstract: Electronic poll books make the process of verifying that a voter is authorized to vote and issuing her a ballot faster and more convenient. However, they also introduce a privacy risk: if both the electronic poll book and voting machine or optical s ...

9. Performance Requirements for End-to-End Verifiable Elections
Published: 8/9/2010
Authors: Stefan Popoveniuc, John M Kelsey, Andrew Richard Regenscheid, Poorvi Vora
Abstract: The term end-to-end verifiability has been used over the past several years to describe multiple voting system proposals. The term has, however, never been formally defined. As a result, its meaning tends to change from voting system to voting syst ...

10. Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised)
Series: Special Publication (NIST SP)
Report Number: 800-90
Published: 3/14/2007
Authors: Elaine B Barker, John M Kelsey
Abstract: [Superseded by SP 800-90A (January 2012):] This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on e ...

Search NIST-wide:

(Search abstract and keywords)

Last Name:
First Name:

Special Publications:

Looking for a NIST Special Publication (NIST SP Series)? Place the series number and dash in the report number field (Example: 800-) and begin your search.

  • SP 250-XX: Calibration Services
  • SP 260-XX: Standard Reference Materials
  • SP 300-XX: Precision Measurement and Calibration
  • SP 400-XX: Semiconductor Measurement Technology
  • SP 480-XX: Law Enforcement Technology
  • SP 500-XX: Computer Systems Technology
  • SP 700-XX: Industrial Measurement Series
  • SP 800-XX: Computer Security Series
  • SP 823-XX: Integrated Services Digital Network Series