TU Darmstadt / ULB / TUbiblio

On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths

Gebhardt, Max and Illies, Georg and Schindler, Werner
Alkassar, A. and Siekmann, J. (eds.) (2008):
On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths.
In: Sicherheit 2008, Gesellschaft für Informatik, Köllen, Bonn, In: Lecture Notes in Informatics, [Conference or Workshop Item]

Abstract

This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4].

Item Type: Conference or Workshop Item
Erschienen: 2008
Editors: Alkassar, A. and Siekmann, J.
Creators: Gebhardt, Max and Illies, Georg and Schindler, Werner
Title: On an Approach to Compute (at Least) Almost Exact Probabilities for Differential Hash Collision Paths
Language: ["languages_typename_1" not defined]
Abstract:

This paper presents a new, generally applicable method to compute the probability of given differential (near-)collision paths in Merkle-Damgard-type hash functions. The path probability determines the expected workload to generate a collision (and thus the true risk potential of a particular attack). In particular, if the expected workload appears to be in a borderline region between practical feasibility and non-feasibility (as for SHA-1 collisions, for instance) it is desirable to know these probabilities as exact as possible. For MD5 we verified the accuracy of our approach experimentally. Our results underline both that the number of bit conditions only provides a rough estimate for the true path probability and the impact of the IV. An expanded version of this paper can be found online [GIS4].

Title of Book: Sicherheit 2008, Gesellschaft für Informatik
Series Name: Lecture Notes in Informatics
Number: P-128
Publisher: Köllen
Uncontrolled Keywords: Secure Things;hash function, collision path, postaddition, probability, stochastic model
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
LOEWE > LOEWE-Zentren
LOEWE
Event Location: Bonn
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2008-1130
Export:
Suche nach Titel in: TUfind oder in Google

Optionen (nur für Redakteure)

View Item View Item