Entry Albertini:2014:MHE from lncs2014a.bib

Last update: Wed Nov 7 02:05:14 MST 2018

Index sections

Top | Math | A | B | C | D | E | F | G | H | I | K | L | M | N | O | P | R | S | T | U | V | W | Z

BibTeX entry

@Article{Albertini:2014:MHE,
  author =       "Ange Albertini and Jean-Philippe Aumasson and Maria
                 Eichlseder and Florian Mendel and Martin
                 Schl{\"a}ffer",
  title =        "Malicious Hashing: {Eve}'s Variant of {SHA-1}",
  journal =      j-LECT-NOTES-COMP-SCI,
  volume =       "8781",
  pages =        "1--19",
  day =          "29",
  month =        nov,
  year =         "2014",
  CODEN =        "LNCSD9",
  DOI =          "https://doi.org/10.1007/978-3-319-13051-4_1",
  ISSN =         "0302-9743 (print), 1611-3349 (electronic)",
  ISSN-L =       "0302-9743",
  bibdate =      "Mon Mar 09 11:15:46 2015",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/cryptography2010.bib;
                 http://www.math.utah.edu/pub/tex/bib/hash.bib;
                 http://www.math.utah.edu/pub/tex/bib/lncs2014a.bib",
  series =       ser-LNCS,
  URL =          "http://eprint.iacr.org/2014/694;
                 http://link.springer.com/chapter/10.1007/978-3-319-13051-4_1;
                 https://malicioussha1.github.io/",
  abstract =     "We present collisions for a version of SHA-1 with
                 modified constants, where the colliding payloads are
                 valid binary files. Examples are given of colliding
                 executables, archives, and images. Our malicious SHA-1
                 instances have round constants that differ from the
                 original ones in only 40 bits (on average). Modified
                 versions of cryptographic standards are typically used
                 on closed systems (e.g., in pay-TV, media and gaming
                 platforms) and aim to differentiate cryptographic
                 components across customers or services. Our
                 proof-of-concept thus demonstrates the exploitability
                 of custom SHA-1 versions for malicious purposes, such
                 as the injection of user surveillance features. To
                 encourage further research on such malicious hash
                 functions, we propose definitions of malicious hash
                 functions and of associated security notions.",
  acknowledgement = ack-nhfb,
  book-URL =     "http://link.springer.com/chapter/10.1007/978-3-319-13051-4",
  fjournal =     "Lecture Notes in Computer Science",
  journal-URL =  "http://link.springer.com/bookseries/558",
  keywords =     "cryptanalysis; hash functions; malicious cryptography,
                 backdoors; secret-key cryptography; SHA-1",
  remark =       "Cite in \cite[reference 2]{Schneier:2015:SWC}.",
}

Related entries

cryptographic, 8349(0)317
function, 8349(0)26, 8349(0)217, 8349(0)317
round, 8349(0)146, 8349(0)192
security, 8349(0)95