TU Darmstadt / ULB / TUbiblio

On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths

Gebhardt, Max ; Illies, Georg ; Schindler, Werner
Alkassar, A. ; Siekmann, J. (eds.) (2008):
On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths.
In: Lecture Notes in Informatics, In: Sicherheit 2008, Gesellschaft für Informatik, pp. 111-125,
Köllen, Bonn, [Conference or Workshop Item]

Abstract

This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4].

Item Type: Conference or Workshop Item
Erschienen: 2008
Editors: Alkassar, A. ; Siekmann, J.
Creators: Gebhardt, Max ; Illies, Georg ; Schindler, Werner
Title: On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths
Language: ["languages_typename_1" not defined]
Abstract:

This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4].
Book Title: Sicherheit 2008, Gesellschaft für Informatik
Series: Lecture Notes in Informatics
Issue Number: P-128
Publisher: Köllen
Uncontrolled Keywords: Secure Things;hash function, collision path, postaddition, probability, stochastic model
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
LOEWE > LOEWE-Zentren
LOEWE
Event Location: Bonn
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2008-1130
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details
OAI 2.0-Basis-URL: https://tubiblio.ulb.tu-darmstadt.de/cgi/oai2 TUbiblio verwendet EPrints 3.
Drucken | Impressum | Datenschutzerklärung