Risks of the CardSpace Protocol
ISC '09 Proceedings of the 12th International Conference on Information Security
MD5 Is Weaker Than Weak: Attacks on Concatenated Combiners
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Vulnerabilities leading to denial of services attacks in grid computing systems: a survey
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Rebound attack on reduced-round versions of JH
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Performance analysis of the SHA-3 candidates on exotic multi-core architectures
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Montgomery multiplication on the cell
PPAM'09 Proceedings of the 8th international conference on Parallel processing and applied mathematics: Part I
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Collisions of MMO-MD5 and their impact on original MD5
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
The power of recognition: secure single sign-on using TLS channel bindings
Proceedings of the 7th ACM workshop on Digital identity management
International Journal of Applied Cryptography
PKI layer cake: new collision attacks against the global x.509 infrastructure
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
The first 30 years of cryptographic hash functions and the NIST SHA-3 competition
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Hash function combiners in TLS and SSL
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Secure communication using identity based encryption
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
SignatureCheck: a protocol to detect man-in-the-middle attack in SSL
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
International Journal of Applied Cryptography
Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Certified lies: detecting and defeating government interception attacks against SSL (short paper)
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
Chosen-prefix collisions for MD5 and applications
International Journal of Applied Cryptography
Generalized first pre-image tractable random oracle model and signature schemes
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
The most dangerous code in the world: validating SSL certificates in non-browser software
Proceedings of the 2012 ACM conference on Computer and communications security
The security impact of a new cryptographic library
LATINCRYPT'12 Proceedings of the 2nd international conference on Cryptology and Information Security in Latin America
SCN'12 Proceedings of the 8th international conference on Security and Cryptography for Networks
One year of SSL internet measurement
Proceedings of the 28th Annual Computer Security Applications Conference
Analysis of differential attacks in ARX constructions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
BLAKE2: simpler, smaller, fast as MD5
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Cryptophia's short combiner for collision-resistant hash functions
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Fast password recovery attack: application to APOP
Journal of Intelligent Manufacturing
Hi-index | 0.00 |
We present a refined chosen-prefix collision construction for MD5 that allowed creation of a rogue Certification Authority (CA) certificate, based on a collision with a regular end-user website certificate provided by a commercial CA. Compared to the previous construction from Eurocrypt 2007, this paper describes a more flexible family of differential paths and a new variable birthdaying search space. Combined with a time-memory trade-off, these improvements lead to just three pairs of near-collision blocks to generate the collision, enabling construction of RSA moduli that are sufficiently short to be accepted by current CAs. The entire construction is fast enough to allow for adequate prediction of certificate serial number and validity period: it can be made to require about 249 MD5 compression function calls. Finally, we improve the complexity of identical-prefix collisions for MD5 to about 216 MD5 compression function calls and use it to derive a practical single-block chosen-prefix collision construction of which an example is given.