Relation between successfulness of birthday attack on digital signature and hash function irregularity

  • Authors:

  • Milan Tuba;Nadezda Stanarevic

  • Affiliations:

  • Faculty of Computer Science, University Megatrend Belgrade, Serbia;Faculty of Computer Science, University Megatrend Belgrade, Serbia

  • Venue:
  • WSEAS Transactions on Information Science and Applications
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

In many network communications it is crucial to be able to authenticate both the contents and the origin of a message. Digital signatures based on public key schemas are used for such authentication. In order to provide message authentication the signature must depend on the contents of the message being signed. Since the public key-based signature schemes take too much time to compute, hash functions that map messages to short digests h(M) are used. Among other desirable properties of hash functions, an interesting one is that it should be collision-resistant, that is it should be difficult to find two messages with the same hash value. To find a collision the birthday attack is used, which shows that attacker may not need to examine too many messages before he finds a collision. Even worse, in estimates of attack successfulness it is always assumed that the hash function is regular, meaning that all points in the range have the same number of preimages under h. If h is not regular, fewer trials are required to find a collision. In this paper we first compute tighter upper and lower bounds for the number of birthday attack trials when the hash function is regular. Then we examine different types of irregularity of the hash function and the quantitative changes in the required number of trials to find a collision which then compromises the digital signature system.