Password Recovery on Challenge and Response: Impossible Differential Attack on Hash Function

机译：挑战和响应中的密码恢复：对哈希函数的不可能的差分攻击

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

We propose practical password recovery attacks against two challenge-response authentication protocols using MD4. When a response is computed as MD4(Password||Challenge), passwords up to 12 characters are practically recovered. To recover up to 8 characters, we need 16 times the amount of eavesdropping and 16 times the number of queries, and the off-line complexity is less than 2~(35) MD4 computations. To recover up to 12 characters, we need 2~(10) times the amount of eavesdropping and 2~(10) times the number of queries, and the off-line complexity is less than 2~(40) MD4 computations. When a response is computed as MD4(Password||Challenge||Password), passwords up to 8 characters are practically recovered by 2~8 times the amount of eavesdropping and 2~8 times the number of queries, and the off-line complexity is less than 2~(39) MD4 computations. Our approach is similar to the "Impossible differential attack", which was originally proposed for recovering the block cipher key. Good impossible differentials for hash functions are achieved by using local collision. This indicates that the presence of one practical local collision can damage the security of protocols.

机译：我们针对使用MD4的两种质询响应身份验证协议提出了实用的密码恢复攻击。当将响应计算为MD4（Password || Challenge）时，实际上最多可以恢复12个字符的密码。要恢复最多8个字符，我们需要进行16倍的窃听和16倍的查询，并且离线复杂度小于2〜（35）个MD4计算。要恢复最多12个字符，我们需要侦听量的2〜（10）倍和查询数量的2〜（10）倍，并且离线复杂度小于2〜（40）个MD4计算。当将响应计算为MD4（Password || Challenge ||| Password）时，实际上最多可以恢复8个字符的密码，其窃听量为2〜8倍，查询次数为2〜8倍，并且离线复杂度高小于2〜（39）个MD4计算。我们的方法类似于“不可能的差分攻击”，它最初是为恢复分组密码密钥而提出的。通过使用局部冲突，可以实现哈希函数的良好的不可能微分。这表明一个实际的本地冲突的存在会破坏协议的安全性。

著录项

来源
《Progress in Cryptology - AFRICACRYPT 2008》|2008年|P.290-307|共18页
会议地点 Casablanca(MA);Casablanca(MA)
作者
Yu Sasaki; Lei Wang; Kazuo Ohta; Noboru Kunihiro;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类密码、密码机;
关键词
challenge and response; prefix; hybrid; impossible differential attack; local collision; hash function; md4;

机译：挑战与反应;前缀;混合;不可能的差异攻击;局部冲突;哈希函数; md4;

相似文献

外文文献
中文文献
专利

1. GPU-Based High Performance Password Recovery Technique for Hash Functions [J] . Qiu Weidong, Gong Zheng, Guo Yidong, Journal of Information Recording . 2016,第1期

机译：基于GPU的哈希函数高性能密码恢复技术
2. Improved impossible differential attack on reduced version of Camellia with FL/FL−1 functions [J] . Ya Liu, Anren Yang, Zhiqiang Liu, Information Security, IET . 2016,第6期

机译：使用FL / FL-1功能改进了对茶花的简化版本的不可能的差异攻击
3. SECURITY OF THE POSEIDON HASH FUNCTION AGAINST NON-BINARY DIFFERENTIAL AND LINEAR ATTACKS [J] . Kovalchuk L., Oliynykov R., Rodinko M. Cybernetics and Systems Analysis . 2021,第2期

机译：Poseidon哈希函数对非二进制差分和线性攻击的安全性
4. Password Recovery on Challenge and Response: Impossible Differential Attack on Hash Function [C] . Yu Sasaki, Lei Wang, Kazuo Ohta, International Conference on Cryptology in Africa . 2008

机译：密码恢复挑战和响应：对哈希函数的不可能的差异攻击
5. Cube attacks on cryptographic hash functions. [D] . Lathrop, Joel. 2009

机译：对加密哈希函数的多维数据集攻击。
6. Post-stroke Delivery of Valproic Acid Promotes Functional Recovery and Differentially Modifies Responses of Peri-Infarct Microglia [O] . Tung-Tai Kuo, Vicki Wang, Jui-Sheng Wu, 2021

机译：丙戊酸后递送促进功能性恢复并差异地改变Peri-Infarct Microglia的反应
7. SECURE WEB APPLICATIONS AGAINST OFF-LINE PASSWORD GUESSING ATTACK: A TWO WAY PASSWORD PROTOCOL WITH CHALLENGE RESPONSE USING ARBITRARY IMAGES [O] . Lu Zebin 2013

机译：防止离线密码处理攻击的安全Web应用程序：具有任意图像的具有挑战性响应的双向密码协议

Password Recovery on Challenge and Response: Impossible Differential Attack on Hash Function

摘要

著录项

相似文献

相关主题

期刊订阅