On the security of two MAC algorithms
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Forgery and partial key-recovery attacks on HMAC and NMAC using hash collisions
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On the possibility of constructing meaningful hash collisions for public keys
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
The second-preimage attack on MD4
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
Collision-Resistant usage of MD5 and SHA-1 via message preprocessing
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
A study of the MD5 attacks: insights and improvements
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Efficient collision search attacks on SHA-0
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
On the security of HMAC and NMAC based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (extended abstract)
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Improved collision attack on MD4 with probability almost 1
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Password recovery attack on authentication protocol MD4(Password||Challenge)
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A New Type of 2-Block Collisions in MD5
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Bit-Free Collision: Application to APOP Attack
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Finding Collisions for a 45-Step Simplified HAS-V
Information Security Applications
Full key-recovery attacks on HMAC/NMAC-MD4 and NMAC-MD5
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
Password recovery on challenge and response: impossible differential attack on hash function
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Security of MD5 challenge and response: extension of APOP password recovery attack
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Second-preimage analysis of reduced SHA-1
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Collisions of MMO-MD5 and their impact on original MD5
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Fast password recovery attack: application to APOP
Journal of Intelligent Manufacturing
Hi-index | 0.00 |
InWang's attack, message modifications allow to deterministically satisfy certain sufficient conditions to find collisions efficiently. Unfortunately, message modifications significantly change the messages and one has little control over the colliding blocks. In this paper, we show how to choose small parts of the colliding messages. Consequently, we break a security countermeasure proposed by Szydlo and Yin at CT-RSA '06, where a fixed padding is added at the end of each block. Furthermore, we also apply this technique to recover part of the passwords in the Authentication Protocol of the Post Office Protocol (POP). This shows that collision attacks can be used to attack real protocols, which means that finding collisions is a real threat.