You searched on:
Author: john kelsey
Sorted by: title
Displaying records 1 to 10 of 15 records.
Resort by: Date / Title
1. A Keyed Sponge Construction with Pseudorandomness in the Standard Model
Dong H. Chang, Morris J Dworkin, Seokhie Hong, John M Kelsey, Mridul Nandi
The sponge construction, designed by Bertoni, Daemen, Peeters, and Asscheis, is the framework for hash functions such as Keccak, PHOTON, Quark, and spongent. The designers give a keyed sponge construction by prepending the message with key and prove ...
2. Attacking Paper-Based E2E Voting Systems
John M Kelsey, Andrew Richard Regenscheid, Tal Moran, David Chaum
In this paper, we develop methods for constructing vote-buying/coercion attacks on end-to-end voting systems, and describe vote-buying/coercion attacks on three end-to-end voting systems: Punchscan, Pret-a-Voter, and Threeballot. We also demonstrate ...
3. Collisions and Near-Collisions for Reduced-Round Tiger
John M Kelsey, Stefan Lucks
We describe a collision-finding attack on 16 rounds of the Tiger hash function requiring the time for about 244 compression function invocations. This extends to a collision-finding attack on 17 rounds of the Tiger hash function in time of about 249 ...
4. Herding Hash Functions and the Nostradamus Attack
John M Kelsey, Tadayoshi Kohno
In this paper, we develop a new attack on Damgaard-Merkle hash functions, called the herding attack, in which an attacker who can find many collisions on the hash function by brute force can first provide the hash of message, and later ``herd'' any g ...
5. Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard
Elena Andreeva, Charles Bouillaguet , Orr Dunkelman, John M Kelsey
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that proces ...
6. Linear-XOR and Additive Checksums Don t Protect Damgaard-Merkle Hashes from Generic Attacks
John M Kelsey, Praveen Gauravaram
We consider the security of Damgaard-Merkle variants which computer linear-XOR or additive checksums over message blocks, intermediate hash values, or both, and process these checksums in computing the final hash value. We show that these Damga ...
7. On Hash Functions Using Checksums
Praveen Gauruvarum, John M Kelsey, L. Knudsen, S. Thomsen
We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one- way checksum fun ...
8. On the privacy threats of electronic poll books
Stefan Popoveniuc, John M Kelsey
Electronic poll books make the process of verifying that a voter is authorized to vote and issuing her a ballot faster and more convenient. However, they also introduce a privacy risk: if both the electronic poll book and voting machine or optical s ...
9. Performance Requirements for End-to-End Verifiable Elections
Stefan Popoveniuc, John M Kelsey, Andrew Richard Regenscheid, Poorvi Vora
The term end-to-end verifiability has been used over the past several years to describe multiple voting system proposals. The term has, however, never been formally defined. As a result, its meaning tends to change from voting system to voting syst ...
10. Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised)
Special Publication (NIST SP)
Elaine B Barker, John M Kelsey
This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. The methods provided are based on either cryptographic hash functions, block cipher algorithms or number theoretic problems.