Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: John M. Kelsey (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 26 - 34 of 34

Herding, Second Preimage, and Trojan Message Attacks Beyond Merkle-Damgaard

November 3, 2009
Author(s)
Elena Andreeva, Charles Bouillaguet , Orr Dunkelman, John M. Kelsey
In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each

Status Report on the First Round of the SHA-3 Cryptographic Hash Algorithm Competition

September 23, 2009
Author(s)
Andrew R. Regenscheid, Ray A. Perlner, Shu-jen H. Chang, John M. Kelsey, Mridul Nandi, Souradyuti Paul
The National Institute of Standards and Technology is in the process of selecting a new cryptographic hash algorithm through a public competition. The new hash algorithm will be referred to as SHA-3 and will complement the SHA-2 hash algorithms currently

Second Preimage Attacks on Dithered Hash Functions

April 17, 2008
Author(s)
Elena Andreeva, Charles Bouillaguet, Pierre-Alain Fouque, Jonathan J. Hoch, John M. Kelsey, Adi Shamir, Sebastien Zimmer
We develop a new generic long-message second preimage attack, based on combining the techniques in the second preimage attacks of Dean Dean99} and Kelsey and Schneier KS05} with the herding attack of Kelsey and Kohno KK06}. We show that these generic

Herding Hash Functions and the Nostradamus Attack

May 28, 2006
Author(s)
John M. Kelsey, Tadayoshi Kohno
In this paper, we develop a new attack on Damgaard-Merkle hash functions, called the herding attack, in which an attacker who can find many collisions on the hash function by brute force can first provide the hash of message, and later ''herd'' any given

Collisions and Near-Collisions for Reduced-Round Tiger

March 1, 2006
Author(s)
John M. Kelsey, Stefan Lucks
We describe a collision-finding attack on 16 rounds of the Tiger hash function requiring the time for about 244 compression function invocations. This extends to a collision-finding attack on 17 rounds of the Tiger hash function in time of about 249

Second Primages on n-bit Hash Functions for Much Less than 2n Work

May 1, 2005
Author(s)
John M. Kelsey, B Schneier
We expand a previous result of Dean[Dea99] to provide a second preimage attack on all n-bit iterated hash functions with Damgard-Merkle strengthening and n-bit intermediate states, allowing a second preimage to be found for a 2k-message-block message with