On hash functions using checksums

Gauravaram, Praveen, Kelsey, John, Knudsen, Lars R., & Thomsen, Søren S. (2009) On hash functions using checksums. International Journal of Information Security, 9(2), pp. 137-151.


We analyse the security of iterated hash functions that compute an input dependent checksum which is processed as part of the hash computation. We show that a large class of such schemes, including those using non-linear or even one-way checksum functions, is not secure against the second preimage attack of Kelsey and Schneier, the herding attack of Kelsey and Kohno and the multicollision attack of Joux. Our attacks also apply to a large class of cascaded hash functions. Our second preimage attacks on the cascaded hash functions improve the results of Joux presented at Crypto’04. We also apply our attacks to the MD2 and GOST hash functions. Our second preimage attacks on the MD2 and GOST hash functions improve the previous best known short-cut second preimage attacks on these hash functions by factors of at least 2^26 and 2^54, respectively. Our herding and multicollision attacks on the hash functions based on generic checksum functions (e.g., one-way) are a special case of the attacks on the cascaded iterated hash functions previously analysed by Dunkelman and Preneel and are not better than their attacks. On hash functions with easily invertible checksums, our multicollision and herding attacks (if the hash value is short as in MD2) are more efficient than those of Dunkelman and Preneel.

Impact and interest:

10 citations in Scopus
9 citations in Web of Science®

ID Code: 81624
Item Type: Journal Article
Refereed: Yes
Keywords: Iterated hash functions, Checksums, Generic attacks
DOI: 10.1007/s10207-009-0100-7
ISSN: 1615-5270
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2009 Springer-Verlag
Deposited On: 05 Feb 2015 02:00
Last Modified: 10 Feb 2015 05:05
