Watch your constants: malicious Streebog. Issue 6 (1st November 2015)
- Record Type:
- Journal Article
- Title:
- Watch your constants: malicious Streebog. Issue 6 (1st November 2015)
- Main Title:
- Watch your constants: malicious Streebog
- Authors:
- AlTawy, Riham
Youssef, Amr M.
- Abstract:
- In August 2012, the Streebog hash function was selected as the new Russian cryptographic hash standard (GOST R 34.11‐2012). In this study, the authors investigate the new standard in the context of malicious hashing and present a practical collision for a malicious version of the full hash function. In particular, they apply the rebound attack to find three solutions for three different differential paths for four rounds. Then, using the freedom of the round constants they connect them to obtain a collision for the 12 rounds of the compression function. Additionally, and because of the simple processing of the counter, they bypass the barrier of the checksum finalisation step and transfer the compression function collision to the hash function output with no additional cost. The presented attack has a practical complexity and is verified by an example. Although the results of this study may not have a direct impact on the security of the current Streebog hash function, it presents an urge for the designers to publish the origin of the used parameters and the rationale behind their choices in order for this function to gain enough confidence and widespread adoption by the security community.
- Is Part Of:
- IET information security. Volume 9:Issue 6(2015)
- Journal:
- IET information security
- Issue:
- Volume 9:Issue 6(2015)
- Issue Display:
- Volume 9, Issue 6 (2015)
- Year:
- 2015
- Volume:
- 9
- Issue:
- 6
- Issue Sort Value:
- 2015-0009-0006-0000
- Page Start:
- 328
- Page End:
- 333
- Publication Date:
- 2015-11-01
- Subjects:
- cryptography
Streebog hash function -- Russian cryptographic hash standard -- malicious hashing -- full hash function -- rebound attack -- compression function -- checksum finalisation step -- used parameters -- security community
Computer security -- Periodicals
Cryptography -- Periodicals
Computer networks -- Security measures -- Periodicals
Database security -- Periodicals
005.8
- Journal URLs:
- https://ietresearch.onlinelibrary.wiley.com/journal/17518717
http://digital-library.theiet.org/content/journals/iet-ifs
http://www.ietdl.org/IET-IFS
http://www.theiet.org/
- DOI:
- 10.1049/iet-ifs.2014.0540
- Languages:
- English
- ISSNs:
- 1751-8709
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4363.252660
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 16470.xml