{"title":"From a logical approach to internal states of Hash functions how SAT problem can help to understand SHA-⋆ and MD⋆","authors":"F. Legendre, Gilles Dequen, M. Krajecki","doi":"10.5220/0004534104350443","DOIUrl":null,"url":null,"abstract":"This paper deals with logical cryptanalysis of hash functions. They are commonly used to check data integrity and to authenticate protocols. These functions compute, from an any-length message, a fixed-length bit string, usually named digest. This work defines an experimental framework, that allows, thanks to the propositional formalism, to study cryptosystems at the bit level through corresponding instances of the SAT problem. Thus, we show that some internal words of popular hashing functions MD⋆ and SHA-⋆ are not as random as expected and provide some convincing elements to explain this phenomenon by the use of round constants. Because this presents several weaknesses, we show how to detect and exploit these ones through an application based on logical cryptanalysis. As a result we show equivalences, and quasi-equivalences between digits and explain how we inverse reduced-step versions of MD5 and SHA-1.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"29 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Security and Cryptography (SECRYPT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0004534104350443","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
This paper deals with logical cryptanalysis of hash functions. They are commonly used to check data integrity and to authenticate protocols. These functions compute, from an any-length message, a fixed-length bit string, usually named digest. This work defines an experimental framework, that allows, thanks to the propositional formalism, to study cryptosystems at the bit level through corresponding instances of the SAT problem. Thus, we show that some internal words of popular hashing functions MD⋆ and SHA-⋆ are not as random as expected and provide some convincing elements to explain this phenomenon by the use of round constants. Because this presents several weaknesses, we show how to detect and exploit these ones through an application based on logical cryptanalysis. As a result we show equivalences, and quasi-equivalences between digits and explain how we inverse reduced-step versions of MD5 and SHA-1.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
