HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Herding, Second Preimage and Trojan Message Attacks Beyond Merkle-Damgaard

Abstract : In this paper we present new attack techniques to analyze the structure of hash functions that are not based on the classical Merkle-Damgaard̊ construction. We extend the herding attack to concatenated hashes, and to certain hash functions that process each message block several times. Using this technique, we show a second preimage attack on the folklore “hash-twice” construction which process two concatenated copies of the message. We follow with showing how to apply the herding attack to tree hashes. Finally, we present a new type of attack — the trojan message attack, which allows for producing second preimages of unknown messages (from a small known space) when they are appended with a fixed suffix.
Document type :
Conference papers
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download

Contributor : Charles Bouillaguet Connect in order to contact the contributor
Submitted on : Thursday, September 17, 2009 - 12:41:04 AM
Last modification on : Thursday, March 17, 2022 - 10:08:24 AM
Long-term archiving on: : Tuesday, October 16, 2012 - 11:01:05 AM


Files produced by the author(s)


  • HAL Id : inria-00417798, version 1



Elena Andreeva, Charles Bouillaguet, Orr Dunkelman, John Kelsey. Herding, Second Preimage and Trojan Message Attacks Beyond Merkle-Damgaard. SAC, Aug 2009, Calgary, Canada. 22p. ⟨inria-00417798⟩



Record views


Files downloads