###
**Gebhardt, Max and Illies, Georg and Schindler, Werner**

**Alkassar, A. and Siekmann, J. (eds.)** (2008):

*On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths.*

In: Sicherheit 2008, Gesellschaft für Informatik, Köllen, Bonn, In: Lecture Notes in Informatics, [Conference or Workshop Item]

## Abstract

This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4].

Item Type: | Conference or Workshop Item |
---|---|

Erschienen: | 2008 |

Editors: | Alkassar, A. and Siekmann, J. |

Creators: | Gebhardt, Max and Illies, Georg and Schindler, Werner |

Title: | On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths |

Language: | ["languages_typename_1" not defined] |

Abstract: | This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4]. |

Title of Book: | Sicherheit 2008, Gesellschaft für Informatik |

Series Name: | Lecture Notes in Informatics |

Number: | P-128 |

Publisher: | Köllen |

Uncontrolled Keywords: | Secure Things;hash function, collision path, postaddition, probability, stochastic model |

Divisions: | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt LOEWE > LOEWE-Zentren LOEWE |

Event Location: | Bonn |

Date Deposited: | 30 Dec 2016 20:23 |

Identification Number: | TUD-CS-2008-1130 |

Export: | |

Suche nach Titel in: | TUfind oder in Google |

#### Optionen (nur für Redakteure)

View Item |