Title :
Hash Function Vulnerability Index and Hash Chain Attacks
Author_Institution :
Ohio State Univ., Ohio
Abstract :
A hash chain is constructed by repeated hashing from an initial value. While it finds applications for network protocol design it also poses threats to hash function one-way and collision-free properties. We investigate the complexity of breaking hash function security properties by hash chain attacks using probabilistic algorithms. We show that each hash function has a vulnerability index that measures its inherent vulnerability against hash chains attacks. The vulnerability index is invariant with respect to different types of hash chain attacks using probabilistic algorithms with or without an oracle. It provides a criterion for the evaluation of the prevalent hash functions and also be used as a guide for the design of new hash functions. We analyze the properties of the vulnerability indices and estimate their values of the commonly used hash functions: MD5, SHA1, RIPEMD128 and RIPEMD160. Preliminary experiments indicate that their vulnerability indices are rather low; that is, it is hard to break their security properties by hash chain attacks with probabilistic algorithms.
Keywords :
Internet; data integrity; digital signatures; routing protocols; MD5; RIPEMD128; RIPEMD160; SHA1; collision-free properties; hash chain attacks; hash function; hash function one-way properties; network protocol design; probabilistic algorithms; repeated hashing; vulnerability index; Contracts; Digital signatures; Internet; Message authentication; Robustness; Routing protocols; Security; Hash chain attack; Hash function; Probabilistic algorithms; Vulnerability Index;
Conference_Titel :
Secure Network Protocols, 2007. NPSec 2007. 3rd IEEE Workshop on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-1603-5
Electronic_ISBN :
978-1-4244-1603-5
DOI :
10.1109/NPSEC.2007.4371616
