Generalizing the herding attack to concatenated hashing schemes

Orr Dunkelman; Bart Preneel

Generalizing the herding attack to concatenated hashing schemes

Research output: Contribution to conference › Paper › peer-review

Abstract

In this paper we extend the herding attacks for concatenated hash functions, i.e., hash functions of the form h(x) = h1(x)||h2(x). Our results actually apply a much larger set of hash functions. We show that even when the compression function of h (·) can be written as two (or more) data paths, where one data path is not affected by the second (while the second may depend on the first), then the generalized herding attack can be applied. This result along with Joux's original observations show that schemes that aim to improve the resistance of hash functions against these attacks, must use diffusion between the various data paths.

Original language	English
Number of pages	14
State	Published - 1 Jan 2007
Externally published	Yes

Bibliographical note

ECRYPT's hash function workshop 2007, Barcelona

Access to Document

https://www.esat.kuleuven.be/cosic/publications/article-898.pdf

Cite this

@conference{ba461f0894284c84b635c90ae5160c8a,

title = "Generalizing the herding attack to concatenated hashing schemes",

abstract = "In this paper we extend the herding attacks for concatenated hash functions, i.e., hash functions of the form h(x) = h1(x)||h2(x). Our results actually apply a much larger set of hash functions. We show that even when the compression function of h (·) can be written as two (or more) data paths, where one data path is not affected by the second (while the second may depend on the first), then the generalized herding attack can be applied. This result along with Joux's original observations show that schemes that aim to improve the resistance of hash functions against these attacks, must use diffusion between the various data paths.",

author = "Orr Dunkelman and Bart Preneel",

note = "ECRYPT's hash function workshop 2007, Barcelona",

year = "2007",

month = jan,

day = "1",

language = "English",

}

TY - CONF

T1 - Generalizing the herding attack to concatenated hashing schemes

AU - Dunkelman, Orr

AU - Preneel, Bart

N1 - ECRYPT's hash function workshop 2007, Barcelona

PY - 2007/1/1

Y1 - 2007/1/1

N2 - In this paper we extend the herding attacks for concatenated hash functions, i.e., hash functions of the form h(x) = h1(x)||h2(x). Our results actually apply a much larger set of hash functions. We show that even when the compression function of h (·) can be written as two (or more) data paths, where one data path is not affected by the second (while the second may depend on the first), then the generalized herding attack can be applied. This result along with Joux's original observations show that schemes that aim to improve the resistance of hash functions against these attacks, must use diffusion between the various data paths.

AB - In this paper we extend the herding attacks for concatenated hash functions, i.e., hash functions of the form h(x) = h1(x)||h2(x). Our results actually apply a much larger set of hash functions. We show that even when the compression function of h (·) can be written as two (or more) data paths, where one data path is not affected by the second (while the second may depend on the first), then the generalized herding attack can be applied. This result along with Joux's original observations show that schemes that aim to improve the resistance of hash functions against these attacks, must use diffusion between the various data paths.

M3 - Paper

ER -

Generalizing the herding attack to concatenated hashing schemes

Abstract

Bibliographical note

Access to Document

Fingerprint

Cite this