Handbook of Applied Cryptography
Complexité des Facteurs des Mots Infinis Engendrés par Morphismes Itérés
Proceedings of the 11th Colloquium on Automata, Languages and Programming
Abelian Squares are Avoidable on 4 Letters
ICALP '92 Proceedings of the 19th International Colloquium on Automata, Languages and Programming
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Formal aspects of mobile code security
On average sequence complexity
Theoretical Computer Science
A composition theorem for universal one-way hash functions
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Hash functions and the (amplified) boomerang attack
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Seven-property-preserving iterated hashing: ROX
ASIACRYPT'07 Proceedings of the Advances in Cryptology 13th international conference on Theory and application of cryptology and information security
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Collisions of SHA-0 and reduced SHA-1
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Second preimages on n-bit hash functions for much less than 2^n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Herding hash functions and the nostradamus attack
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Looking Back at a New Hash Function
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
How to Fill Up Merkle-Damgård Hash Functions
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Twister – A Framework for Secure and Fast Hash Functions
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
AFRICACRYPT '09 Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology
A powerful abelian square-free substitution over 4 letters
Theoretical Computer Science
Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n
ISC '09 Proceedings of the 12th International Conference on Information Security
How (not) to efficiently dither blockcipher-based hash functions?
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
On hashing with tweakable ciphers
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
TWISTERπ – a framework for secure and fast hash functions
International Journal of Applied Cryptography
Combinatorial multicollision attacks on generalized iterated hash functions
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Some observations on indifferentiability
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
(Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Linear analysis of reduced-round cubehash
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Variants of multicollision attacks on iterated hash functions
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Avoiding abelian powers in partial words
DLT'11 Proceedings of the 15th international conference on Developments in language theory
Avoiding abelian squares in partial words
Journal of Combinatorial Theory Series A
Cryptanalysis of the 10-round hash and full compression function of SHAvite-3-512
AFRICACRYPT'10 Proceedings of the Third international conference on Cryptology in Africa
Provable chosen-target-forced-midfix preimage resistance
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
On the complexity of the herding attack and some related attacks on hash functions
Designs, Codes and Cryptography
Multicollisions and graph-based hash functions
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Repetition-freeness with Cyclic Relations and Chain Relations
Fundamenta Informaticae - Words, Graphs, Automata, and Languages; Special Issue Honoring the 60th Birthday of Professor Tero Harju
We develop a new generic long-message second preimage attack, based on combining the techniques in the second preimage attacks of Dean [8] and Kelsey and Schneier [16] with the herding attack of Kelsey and Kohno [15]. We show that these generic attacks apply to hash functions using the Merkle-Damgård construction with only slightly more work than the previously known attack, but allow enormously more control of the contents of the second preimage found. Additionally, we show that our new attack applies to several hash function constructions which are not vulnerable to the previously known attack, including the dithered hash proposal of Rivest [25], Shoup's UOWHF [26] and the ROX hash construction [2]. We analyze the properties of the dithering sequence used in [25], and develop a time-memory tradeoff which allows us to apply our second preimage attack to a wide range of dithering sequences, including sequences which are much stronger than those in Rivest's proposals. Finally, we show that both the existing second preimage attacks [8,16] and our new attack can be applied even more efficiently to multiple target messages; in general, given a set of many target messages with a total of 2^R message blocks, these second preimage attacks can find a second preimage for one of those target messages with no more work than would be necessary to find a second preimage for a single target message of 2^R message blocks.