Skip to main content
SpringerLink
Log in

Preimage Attacks against Variants of Very Smooth Hash

  • Conference paper
Advances in Information and Computer Security (IWSEC 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6434))

Included in the following conference series:

  • 939 Accesses

Abstract

In this paper, we show that some new variants of the Very Smooth Hash (VSH) hash function are susceptible to similar types of preimage attacks as the original VSH. We also generalise the previous mathematical results, which have been used in the preimage attacks. VSH is a hash function based on the multiexponentiation of prime numbers modulo some large product of two primes. The security proof of VSH is based on some computational problems in number theory, which are related to the problem of factoring large integers. However, the preimage resistance of VSH has been studied and found somewhat lacking especially in password protection. There have been many different variants of VSH proposed by the original authors and others. Especially the discrete logarithm version of VSH has been proposed in order to make the hash values shorter. Further proposals have used the discrete logarithm in finite fields and elliptic curves to gain even more advantage to the hash length. Our results demonstrate that even for these new variants, the same ideas for preimage attacks can be applied as for the original VSH and they result in effective preimage attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bellare, M., Ristov, T.: Hash functions from sigma protocols and improvements to VSH. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 125–142. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  2. Blake, I.F., Shparlinski, I.E.: Statistical distribution and collisions of the VSH. Journal of Mathematical Cryptology 1(4), 329–349 (2007)

    Article  MathSciNet  MATH  Google Scholar 

  3. Contini, S., Lenstra, A.K., Steinfeld, R.: VSH, an efficient and provable collision-resistant hash function. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 165–182. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  4. DamgĂ¥rd, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)

    Google Scholar 

  5. De Cannière, C., Rechberger, C.: Preimages for reduced SHA-0 and SHA-1. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 179–202. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  6. Halunen, K., Rikula, P., Röning, J.: Finding preimages of multiple passwords secured with VSH. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 499–503 (March 2009)

    Google Scholar 

  7. Halunen, K., Rikula, P., Röning, J.: On the security of VSH in password schemes. In: ARES, pp. 828–833. IEEE Computer Society, Los Alamitos (2008)

    Google Scholar 

  8. Joux, A.: Multicollisions in iterated hash functions. application to cascaded constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 306–316. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  9. Kelsey, J., Kohno, T.: Herding hash functions and the Nostradamus attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 183–200. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. Koblitz, N.: Algebraic Aspects of Cryptography. Algorithms and Computation in Mathematics, vol. 3. Springer, Berlin (1998)

    MATH  Google Scholar 

  11. Lenstra, A.K., Lenstra Jr., H.W., Manasse, M.S., Pollard, J.M.: The number field sieve. In: STOC 1990: Proceedings of the twenty-second annual ACM symposium on Theory of computing, pp. 564–572. ACM Press, New York (1990)

    Chapter  Google Scholar 

  12. Lenstra, A.K.: Using cyclotomic polynomials to construct efficient discrete logarithm cryptosystems over finite fields. In: Mu, Y., Pieprzyk, J.P., Varadharajan, V. (eds.) ACISP 1997. LNCS, vol. 1270, pp. 127–138. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  13. Lenstra, A.K., Page, D., Stam, M.: Discrete logarithm variants of VSH. In: NguyĂªn, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 229–242. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Lenstra, A.K., Verheul, E.R.: The XTR public key system. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 1–19. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  15. Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)

    Google Scholar 

  16. Preneel, B.: The state of hash functions and the NIST SHA-3 competition. In: Yung, M., Liu, P., Lin, D. (eds.) Inscrypt 2008. LNCS, vol. 5487, pp. 1–11. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  17. Python Software Foundation: Python programming language (2007), http://python.org/

  18. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978), see also U.S. Patent \(\mbox{4,405,829}\)

    Article  MathSciNet  MATH  Google Scholar 

  19. Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371–388. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  20. Rubin, K., Silverberg, A.: Torus-based cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 349–365. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  21. Saarinen, M.J.O.: Security of VSH in the real world. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 95–103. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  22. Stein, W., et al.: Sage Mathematics Software, Version 4.3.5 (2010), http://www.sagemath.org

  23. Stevens, M., Lenstra, A.K., de Weger, B.: Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 1–22. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  24. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  25. Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Oulu University Secure Programming Group Department of Electrical and Information Engineering, University of Oulu, P.O. Box 4500, 90014, Finland

    Kimmo Halunen & Juha Röning

Authors
  1. Kimmo Halunen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Juha Röning
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. National Institute of Informatics, 2-1-2 Hitotsubashi, 101-8430, Chiyoda-ku, Tokyo, Japan

    Isao Echizen

  2. School of Frontier Sciences, Department of Complexity Science and Engineering, University of Tokyo, 5-1-5 Kashiwanoha, Kashiwa-shi, 277-8561, Chiba, Japan

    Noboru Kunihiro

  3. School of Science and Technology for Future Life, Department of Information Systems and Multi Media, Tokyo Denki University, 2-2 Kanda-Nishiki-cho, 101-8457, Chiyoda-ku, Tokyo, Japan

    Ryoichi Sasaki

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Halunen, K., Röning, J. (2010). Preimage Attacks against Variants of Very Smooth Hash. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds) Advances in Information and Computer Security. IWSEC 2010. Lecture Notes in Computer Science, vol 6434. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16825-3_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16825-3_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16824-6

  • Online ISBN: 978-3-642-16825-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation