A Generalized Birthday Problem
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Design Principle for Hash Functions
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Formal aspects of mobile code security
Formal aspects of mobile code security
A new paradigm for collision-free hashing: incrementality at reduced cost
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Preimage and collision attacks on MD2
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Second preimages on n-bit hash functions for much less than 2n work
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Herding hash functions and the nostradamus attack
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Constructing secure hash functions by enhancing merkle-damgård construction
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Cryptanalysis of the GOST Hash Function
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Side Channel Analysis of Some Hash Based MACs: A Response to SHA-3 Requirements
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
How to Fill Up Merkle-Damgård Hash Functions
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n
ISC '09 Proceedings of the 12th International Conference on Information Security
Combinatorial multicollision attacks on generalized iterated hash functions
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
Increasing the flexibility of the herding attack
Information Processing Letters
Provable chosen-target-forced-midfix preimage resistance
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
| Hi-index | 0.00 |
We consider the security of Damgård-Merkle variants which compute linear-XOR or additive checksums over message blocks, intermediate hash values, or both, and process these checksums in computing the final hash value. We show that these Damgård-Merkle variants gain almost no security against generic attacks such as the long-message second preimage attacks of [10, 21] and the herding attack of [9].