53 research outputs found

    Multicollision-resistant hash constructions

    This paper presents an analysis of attacks based on finding multicollisions and of methods for countering them. A generalized construction of multi-channel hashing is proposed. Using this construction, known approaches to increasing the resistance of hashing to multicollisions are generalized and improved. A new approach to building multicollision-resistant parallel hashing is proposed and formalized as a set of constructions. Estimates of hashing time for the constructions proposed in the paper are given

    Combinatorics on words in information security: Unavoidable regularities in the construction of multicollision attacks on iterated hash functions

    Classically in combinatorics on words one studies unavoidable regularities that appear in sufficiently long strings of symbols over a fixed size alphabet. In this paper we take another viewpoint and focus on combinatorial properties of long words in which the number of occurrences of any symbol is restricted by a fixed constant. We then demonstrate the connection of these properties to constructing multicollision attacks on so-called generalized iterated hash functions. Comment: In Proceedings WORDS 2011, arXiv:1108.341

    Evolution of the StreamHash hash function family

    This paper describes the evolution of the StreamHash cryptographic hash function family proposed by the author. The first member of the StreamHash family was the StreamHash (now called StreamHash1) function, accepted for the first round of the SHA-3 competition organized by the US government standards agency NIST. The competition was started in order to select a new SHA-3 standard as the successor of the SHA-2 family of cryptographic hash functions. Function StreamHash2 mostly addresses security weaknesses identified during the SHA-3 competition, while the sketch of function StreamHash3 attempts to improve resistance to side-channel attacks and performance properties. The paper starts with an overview of basic properties of cryptographic hash functions followed by the description of the StreamHash family design principles and its basic structure. Subsequent sections illustrate the way each subsequent function uses lessons learnt while designing and testing the previous one

    1st Kryptotag - Workshop on Cryptography

    The report contains a collection of all contributions by the participants of the 1st Kryptotag, held on 1 December 2004 in Mannheim

    Joux multicollisions attack in sponge construction

    Cryptographic hash functions take an input of arbitrary size and produce an output of fixed size. A hash function usually has two main components: a compression function and a mode of operation. Sponge construction is one of the main modes of operation used in modern cryptographic hash functions. In this paper, we present a multicollision attack on the sponge construction. In 2004, Joux [3] presented a multicollision attack on iterated hash functions. Our attack is similar to Joux's attack but specifically for the sponge construction. We show that finding multicollisions in the sponge construction, that is, messages that hash to the same value, is not harder than finding ordinary collisions. Then, we use this attack as a tool to prove that concatenating more than one hash function in order to increase the security level does not yield a more secure construction

    Approaches to constructing fast hashing algorithms

    Hash constructions and approaches to parallelizing them are considered. A generalized construction of parallel hashing, resistant to known attacks, is proposed. Estimates of hashing duration for different implementations of this construction are determined. These estimates were compared with the corresponding estimates for known constructions

    Huge Multicollisions and Multipreimages of Hash Functions BLENDER-n

    In this paper we present a multicollision and multipreimage attack on the hash function Blender-n [1] for all output sizes n = 224, 256, 384 and 512. The complexity and memory requirements for finding 2^{2n} multipreimages (multicollisions) of Blender-n is roughly 10 times more than finding a collision for n/2-bit random hash function. All previous attacks were based on the trick by Joux [2] using many messages. Our attacks are based on one message with several fixpoints. The state register has eight words. By properly choosing message words we force half of the register to go to the original state. Then we will find a collision in the rest with complexity 2^{n/4}. The collision creates a fix point in the sequence of states of the state register. We use 10 such fix points. Previously known attacks [4, 5] on Blender-n have the complexity at least 2^{n/2}. Our 2^{2n}-multicollision and multipreimage attacks have a complexity 10*2^{n/4}

    Cryptanalysis of CRUSH hash structure

    In this paper, we will present a cryptanalysis of CRUSH hash structure. Surprisingly, our attack could find pre-image for any desired length of internal message. Time complexity of this attack is completely negligible. We will show that the time complexity of finding a pre-image of any length is O(1). In this attack, an adversary could freely find a pre-image with the length of his own choice for any given message digits. We can also find second pre-image, collision, multi-collision in the same complexity with our attack. In this paper, we also introduce a stronger variant of the algorithm, and show that an adversary could still be able to produce collisions for this stronger variant of CRUSH hash structure with a time complexity less than a Birthday attack

    XML data integrity based on concatenated hash function

    Data integrity is fundamental to data authentication. A major problem for XML data authentication is that signed XML data can be copied to another document while the signature remains valid. This is caused by the way XML data integrity is protected. Through investigation, the paper discovered that besides data content integrity, XML data integrity should also protect element location information and context referential integrity in fine-grained security situations. The aim of this paper is to propose a model for XML data integrity that takes XML data features into account. The paper presents an XML data integrity model named CSR (content integrity, structure integrity, context referential integrity) based on a concatenated hash function. XML data content integrity is ensured using an iterative hash process, structure integrity is protected by hashing an absolute path string from the root node, and context referential integrity is ensured by protecting context-related elements. The presented XML data integrity model can satisfy integrity requirements in fine-grained security situations and is compatible with XML signature. Through evaluation, the integrity model presented has a higher efficiency in digest value generation than the Merkle hash tree-based integrity model for XML data