On Password-Based Authenticated Key Exchange using Collisionful Hash Functions

. This paper presents an attack on Anderson and Lomas's proposed password-based authenticated key exchange protocol that uses collisionful hash functions. The weaknesses of the protocol when an old session key is compromised are studied and alternative solutions are given. 1 Introduction Cryptographic hash functions are used for providing security in a wide range of applications [2, 8]. A collision-free hash function uniformly maps an arbitrary length message into a fixed length message digest, so that, finding two distinct messages that produce the same digest is computationally infeasible. This property of hash functions is used to provide data integrity. A typical application of hash functions is to generate a checksum of a message whose integrity needs to be protected. Additionally, one can incorporate a secret key in the hashing process function to provide protection against an active intruder who wishes to modify the message or impersonate the message originator. Such functions ..

Keyed Hash Functions

. We give a new definition of keyed hash functions and show its relation with strongly universal hash functions and Cartesian authentication codes. We propose an algorithm for a secure keyed hash function and present preliminary result on its performance. The algorithm can be used for fast (about twice the speed of MD5) and secure message authentication. 1 Introduction Hash functions were introduced in early 1950's [20]. The original aim was to have functions that can uniformly map a large collection of messages into a small set of message digests (or hash values). A useful application of hash functions is for error detection. Appending message digest to the message allows detection of errors during transmission. In the receiving end, the hash value of the received message is recalculated and compared with the received hash value. If they do not match, an error has occurred. This detection is only for random errors. An active spoofer may intercept a message, modify it as he wishes, an..

On the Weaknesses of Gong's Collisionful Hash Function

This paper presents an attack on Gong's proposed collisionful hash function. The weaknesses of his method are studied and possible solutions are given. Some secure methods that require additional assumptions are also suggested

A Message Authentication Code based on Latin Squares

. This is a proposal on the construction of a Message Authentication Code (MAC) based on Latin Squares. The design is inspired by Wegman-Carter construction which takes advantage of provable security. The MAC is described and its security is examined. It is also compared with other MACs and its advantages are shown. 1 Introduction Message Authentication Code (MAC) is one of the most common cryptographic tools for providing authentication in a wide range of applications. A MAC takes a secret key to generate a checksum for a given message or to verify an existing (previously generated) checksum. In most designs, a MAC is constructed from an existing hash function. A checksum is a fixed length string that follows a message to provide its integrity. We refer to the process of generating a checksum of a given message as signing and the process of verifying an existing checksum as verifying. A MAC uses a symmetric key that will be used in both signing and verifying processes, and therefore..

On Selectable Collisionful Hash Functions

. This paper presents an attack on Gong's proposed collisionful hash function. The weaknesses of his method are studied and possible solutions are given. Some secure methods that require additional assumptions are also suggested. 1 Introduction Hash functions have been used for producing secure checksums since 1950's. A hash function maps an arbitrary length message into a fixed length message digest, and can be used for message integrity [1, 5, 8]. For this purpose, a sender calculates the message digest of the transmitting message and sends it appended to the message. The receiver verifies the checksum by recalculating it from the received message and comparing it with the received checksum. Another application is for protection against spoofing, where the checksum is protected by a key to thwart any modification by an opponent. This application has recently motivated the new term Keyed Hash Functions [3]. A keyed hash function uses a symmetric key and the checksum can only be calcul..

Practical Message Authentication Schemes

Use of encryption algorithms in message authentication is replaced by secure hash functions which are often faster than encryption algorithms. Tsudik [14] has proposed three methods on message authentication which are only based on one-way hash functions and use some keys to make them secure. In this paper, we give a set of practical methods, each of which uses a fast collision free hash function (such as MD5) and provides secure message authentication. The idea of the proposed methods is almost similar to that of Tsudik's, but we are able to reduce the key length eight times compared to the Tsudik's constructions, while maintaining the same security. In our methods, the secret key is added using exclusive-or or assign operators (instead of concatenation) to make them faster. We also have proved that our methods belong to the Secure Keyed One-Way Hash Function (SKOWHF) group, if the underlying hash function is secure. 1 Introduction In today's communication, existence of a fast method..

Cryptographic Hash Functions: A Survey

This paper gives a survey on cryptographic hash functions. It gives an overview of all types of hash functions and reviews design principals and possible methods of attacks. It also focuses on keyed hash functions and provides the applications, requirements, and constructions of keyed hash functions