Skip to main content
Springer Nature Link
Log in

New Second Preimage Attack Variants against the MD-Structure

  • Conference paper
Cryptology and Network Security (CANS 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8813))

Included in the following conference series:

Abstract

We consider a situation where the adversary performs a second preimage attack and is able to influence slightly the preconditions under which the iterated hash function is used. In the first variant of the attack, the adversary is able to choose the initial value of the hash function after receiving the original message. In the second variant, the adversary is allowed to determine a prefix of the original message and has to create a second preimage with the same prefix. Both of these attacks use diamond structures and the expected number of compression function calls required to complete each of them successfully is in \(\mathrm O(\sqrt{n} \cdot 2^{\frac{2n}{3}})\) while on random oracle hash function it is in \(\mathrm O(2^n)\). We also show that it is possible to decrease the before mentioned expected value to \(\mathrm O(2^{\frac{2n-l}{3}})\) if the length of the original message is 2l and l is sufficiently large. Furthermore, we generalize these attacks to work against concatenated hash functions as well.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Andreeva, E., Bouillaguet, C., Dunkelman, O., Kelsey, J.: Herding, second preimage and Trojan message attacks beyond Merkle-DamgÃ¥rd. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 393–414. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  2. Andreeva, E., Bouillaguet, C., Fouque, P.-A., Hoch, J.J., Kelsey, J., Shamir, A., Zimmer, S.: Second preimage attacks on dithered hash functions. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 270–288. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  3. Blackburn, S., Stinson, D., Upadhyay, J.: On the complexity of the herding attack and some related attacks on hash functions. Designs, Codes and Cryptography 64(1-2), 171–193 (2012)

    Article  MathSciNet  MATH  Google Scholar 

  4. Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-DamgÃ¥rd revisited: How to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  5. DamgÃ¥rd, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)

    Google Scholar 

  6. Dean, R.: Formal aspects of mobile code security. PhD thesis, Princeton University (1999)

    Google Scholar 

  7. Dobbertin, H.: Cryptanalysis of MD4. Journal of Cryptology 11(4), 253–271 (1998)

    Article  MATH  Google Scholar 

  8. Hoch, J.J., Shamir, A.: Breaking the ICE - finding multicollisions in iterated concatenated and expanded (ICE) hash functions. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 179–194. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  9. Joux, A.: Multicollisions in iterated hash functions. Application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Kelsey, J., Kohno, T.: Herding hash functions and Nostradamus attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 183–200. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. Kelsey, J., Schneier, B.: Second preimage on n-bit hash functions for much less than 2n work. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 474–490. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Klima, V.: Finding MD5 collisions on a notebook PC using multi-message modifications, Cryptology ePrint Archive, Report 2005/102 (2005), http://eprint.iacr.org/2005/102

  13. Klima, V.: Huge multicollisions and multipreimages of hash functions BLENDER-n, Cryptology ePrint Archive, Report 2009/006 (2009), http://eprint.iacr.org/2009/006

  14. Kortelainen, J., Halunen, K., Kortelainen, T.: Multicollision attacks and generalized iterated hash functions. J. Math. Cryptol. 4, 239–270 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  15. Kortelainen, J., Kortelainen, T., Vesanen, A.: Unavoidable regularities in long words with bounded number of symbol occurrences. In: Fu, B., Du, D.-Z. (eds.) COCOON 2011. LNCS, vol. 6842, pp. 519–530. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Kortelainen, J., Kortelainen, T., Vesanen, A.: Unavoidable regularities in long words with bounded number of symbol occurrences. J. Comp. Optim. 26, 670–686 (2013)

    Article  MathSciNet  MATH  Google Scholar 

  17. Kortelainen, T., Kortelainen, J., Halunen, K.: Variants of multicollision attacks on iterated hash functions. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 139–154. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  18. Kortelainen, T., Vesanen, A., Kortelainen, J.: Generalized iterated hash functions revisited: New complexity bounds for multicollision attacks. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 172–190. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  19. Kortelainen, T., Kortelainen, J.: On diamond structures and Trojan message attacks. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 524–539. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  20. Menezes, A., van Oorschot, P., Vanstone, S. (eds.): Handbook of Applied Cryptography, pp. 321–376. CRC Press (1996)

    Google Scholar 

  21. Merkle, R.C.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 428–446. Springer, Heidelberg (1990)

    Google Scholar 

  22. Nandi, M., Stinson, D.: Multicollision attacks on some generalized sequential hash functions. IEEE Trans. Inform. Theory 53, 759–767 (2007)

    Article  MathSciNet  Google Scholar 

  23. Stevens, M.: Fast collision attack on MD5, Cryptology ePrint Archive, Report 2006/104 (2006), http://eprint.iacr.org/2006/104

  24. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  25. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  26. Yu, H., Wang, X.: Multi-collision attack on the compression functions of MD4 and 3-pass HAVAL. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 206–226. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Mathematics Division, University of Oulu, Finland

    Tuomas Kortelainen

  2. Department of Information Processing Science, University of Oulu, Finland

    Juha Kortelainen

Authors
  1. Tuomas Kortelainen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Juha Kortelainen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, Athens University of Economics & Business, 76, Patission Str., 10434, Athens, Greece

    Dimitris Gritzalis

  2. Department of Informatics and Telecommunications, Panepistimiopolis, National and Kapodistrian University of Athens, 15784, Athens, Greece

    Aggelos Kiayias

  3. FORTH-ICS, Vassilika Vouton, P.O. Box 1385, 711 10, Heraklion, Crete, Greece

    Ioannis Askoxylakis

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Kortelainen, T., Kortelainen, J. (2014). New Second Preimage Attack Variants against the MD-Structure. In: Gritzalis, D., Kiayias, A., Askoxylakis, I. (eds) Cryptology and Network Security. CANS 2014. Lecture Notes in Computer Science, vol 8813. Springer, Cham. https://doi.org/10.1007/978-3-319-12280-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12280-9_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12279-3

  • Online ISBN: 978-3-319-12280-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics